Learn more about services and tools provided by the Duke Security Offices:
Duke data must be protected on our own systems and when stored with a vendor. Vendor risk assessments help you make an informed decision when selecting a vendor to handle Duke data.
Duke University: Vendor Risk Assessment Process
Duke Health: Initiating a DHTS Demand review is done through ServiceNow (SNow) in the Service Request Catalog (SRC).
The Security Offices scan Duke networks for known vulnerabilities and work with departments and schools to remediate them. Please contact email@example.com if you believe that one of our scans has caused an issue on your network or systems.
Duke University: Currently, vulnerability scanning occurs in three day increments. For more detailed information on our vulnerability scanning procedure, including scanning tools, scope, and exclusions, see the Vulnerability Management Procedure.
The Security Offices respond to and manage computer security incidents, which includes determining scope of the incident, containing risk, preserving evidence, investigating via network and computer forensics and managing remediation.
The Security Offices run intrusion detection and intrusion prevention systems to protect assets and detect compromised machines on the network. The systems are occasionally used to quarantine machines due to security concerns. If you suspect your machine is quarantined, please contact the OIT Service Desk (919-684-2200) for assistance.
- Duke University: See the Network Monitoring and Defense Service Guide.
Duke uses data loss prevention tools to help departments find and secure "at-risk" data.
- Duke University: DLP is coordinated through the IT Security Office in conjunction with departments to scan departmental servers for sensitive data such as Social Security or credit card numbers. The service is provided to help departments, faculty and staff identify and remove that data in accordance. See the University's Data Loss Prevention (DLP) Tool Access and Use Policy and Data Loss Prevention (DLP) Tool Usage Procedure.