Policies, Standards, & Procedures
Enter a keyword and/or use the dropdown options. Then click SEARCH.
This service document defines the Protected Network service and outlines the roles and responsibilities of OIT, ITSO and Protected Network customers.
This policy defines the requirements for notification, testing, and installation of security-related patches on devices connected to Duke networks.
Data Loss Prevention (DLP) Tool Usage Procedure
Data Loss Prevention (DLP) Tool Access and Use Policy
Logging is an essential information security control that is used to identify, respond, and prevent operational problems, security incidents, policy violations, fraudulent activity; optimize system and application performance; assist in business recovery activities; and, in many cases, comply with federal, state, and local laws and regulations.
Network, host and application vulnerability scanning on university networks is prohibited, unless authorized by the University IT Security Office (ITSO).
The purpose of this standard is to assist Duke system administrators in establishing strict rules for the base configuration and management of workstations owned and/or operated by Duke University.
This policy outlines how logs are used and retained; as well as restrictions on their use.
The purpose of this standard is to establish guidelines for the use of encryption to ensure the confidentiality and integrity of Sensitive data in transit on a network or stored on mobile devices or removable media.