Duke faculty, staff and students working with sensitive research data must do so on systems that comply with IT Security Policies. The Protected Network Policy meets these requirements and provides a secure environment for the storage and analysis of sensitive research data.
The protected network offers the following security measures:
- All network access occurs via encrypted connections: Secure Shell (SSH), Remote Desktop Protocol (RDP) and Virtual Private Network (VPN).
- Access requires a valid Duke NetID combined with multi-factor authentication.
- Authorization for data access is controlled by the IT Security Office and delegated to research Principle Investigators (PIs). Only those users approved by the PI are granted access.
Systems in the protected network comply with the University IT Security Office’s Server Security Standards, which include requirements for regular patching; removal of unneeded services; centralized logging; running a host-based firewall; running an anti-virus program; and regular backups.
Backups of data stored in the protected network are encrypted.
All workstations and laptops allowed to access the data are required by policy enact the following protections on their computers accessing the Protected Network: regular patching; running an antivirus program; encrypt laptops; and enable a host-based firewall.
It is possible to tailor distinctive environments within the protected network. The SSRI Protected Research Data Network, for example, enables localized control of certain capabilities that the Social Sciences Research Institute manages directly.
Download a Protected Network info sheet.
Need to request resources on the Protected Network?
Visit OIT’s ClockWorks service to request a "Secure project". Once that request has been approved, you will be able to request storage or virtual machines in the protected network; when doing so, be sure to answer "Yes" to the question: "Sensitive Data?" as well as select the newly created Secure Project from the drop-down box immediately following.