Learn more about services and tools provided by the Duke Security Offices:
Duke's Security Offices offer annual training. See the Security Awareness and Training Service Guide.
Also, see our Security Guides for more information on topics such as securing personal devices and protecting Duke data and see the Events listing for additional awareness and training opportunities.
Duke data must be protected on our own systems and when stored with a vendor. Vendor risk assessments help you make an informed decision when selecting a vendor to handle Duke data.
Duke University: Vendor Risk Assessment Process
Duke Health: Initiating a DHTS Demand review is done through ServiceNow (SNow) in the Service Request Catalog (SRC).
The Security Offices scan Duke networks for known vulnerabilities and work with departments and schools to remediate them. Please contact firstname.lastname@example.org if you believe that one of our scans has caused an issue on your network or systems.
Duke University: Currently, vulnerability scanning occurs in three day increments. For more detailed information on our vulnerability scanning procedure, including scanning tools, scope, and exclusions, see the Vulnerability Management Procedure.
The Security Offices respond to and manage computer security incidents, which includes determining scope of the incident, containing risk, preserving evidence, investigating via network and computer forensics and managing remediation.
Submit any questions or potential incidents to email@example.com. Learn more about reporting incidents on the Get Help page.
The Security Offices run intrusion detection and intrusion prevention systems to protect assets and detect compromised machines on the network. The systems are occasionally used to quarantine machines due to security concerns. If you suspect your machine is quarantined, please contact the OIT Service Desk (919-684-2200) for assistance.
- Duke University: See the Network Monitoring and Defense Service Guide.
Duke uses data loss prevention tools to help departments find and secure "at-risk" data.
- Duke University: DLP is coordinated through the IT Security Office in conjunction with departments to scan departmental servers for sensitive data such as Social Security or credit card numbers. The service is provided to help departments, faculty and staff identify and remove that data in accordance. See the University's Data Loss Prevention (DLP) Tool Access and Use Policy and Data Loss Prevention (DLP) Tool Usage Procedure.