Protected Network For Research
Duke faculty, staff and students working with sensitive research data must do so on systems that comply with IT Security Policies. The Protected Network Policy meets these requirements and provides a secure environment for the storage and analysis of sensitive research data.
The protected network offers the following security measures:
- All network access occurs via encrypted connections.
- Access requires a valid Duke NetID combined with multi-factor authentication.
- Authorization for data access is controlled by the IT Security Office and delegated to research Principle Investigators (PIs). Only those users approved by the PI are granted access.
Systems in the protected network comply with the University IT Security Office’s Server Security Standards, which include requirements for regular patching; removal of unneeded services; centralized logging; running a host-based firewall; running an anti-virus program; and regular backups.
Backups of data stored in the protected network are encrypted.
All workstations and laptops allowed to access the data are required by policy enact the following protections on their computers accessing the Protected Network: regular patching; running an antivirus program; encrypt laptops; and enable a host-based firewall.