Policies, Standards, & Procedures
Enter a keyword and/or use the dropdown options. Then click SEARCH.
Minimum Security Standards: Endpoints
These standards are intended to provide website owners/maintainers with guidance on securing websites in order to protect the sites from attacks.
This chart outlines which Duke services are appropriate for use with sensitive, restricted and public data.
All decommissioned institutional devices are required to be sent to Duke Surplus for disposal.
The Responsible Disclosure policy addresses the need to identify and report security vulnerabilities within Duke systems and networks.
Under certain circumstances, the IT Security Office may need to remove vulnerable, infected or compromised machines from Duke’s network.
Enterprise Data Center: Contingency Operations
Enterprise Data Center: Maintenance Records
Enterprise Data Center: Facility Security
Enterprise Data Center: Facility Access Control