Once connected to the Internet, log in to Duke's VPN (https://portal.duke.edu) and select the INTL-DUKE context to secure your online access to files and Duke services.
From non-Duke networks, all access of Duke resources containing sensitive or restricted data must be via VPN (Virtual Private Network) or SSH (Secure Shell). (OIT’s VPN information is at: http://oit.duke.edu/net-security/network/remote/vpn/index.php.)
On Duke networks (wired or wireless), only secure and encrypted access methods (such as RDP or SSH) should be used to access Duke resources with sensitive or restricted data.
Unencrypted access methods should only be used to access public Duke data.
If you are unsure whether the system you will connect to contains sensitive or restricted Duke data, you should assume that it does and use an appropriate secure access method.
In practice, it is simplest to develop the habit of always using secure access methods to connect to Duke resources from non-Duke networks.
The use of remote control services is discouraged (eg GoToMyPc, LogMeIn).
Individuals must coordinate with their departmental IT staff to determine which tools their department supports.
Duke users who remotely access University servers may only download copies of University data onto University-owned and managed computers. Copies of Duke sensitive or restricted data are not to be stored on computers which are not owned and managed by Duke.
All computers used to access Duke data and services are required to meet the ITSO technical standard requirements for the classification(s) of data accessed through them. The ITSO technical standards are published on http://security.duke.edu/.