Duke faculty, staff and students working with Sensitive research data must do so on systems that comply with the IT Security Office‘s (ITSO) technical standards (available at http://security.duke.edu/policies-procedures). Duke’s protected network meets these requirements and provides a secure environment for the storage and analysis of Sensitive research data.
The protected network offers the following security measures:
All network access occurs via encrypted connections: Secure Shell (SSH), Remote Desktop Protocol (RDP) and Virtual Private Network (VPN).
Access requires a valid Duke NetID combined with multi-factor authentication.
- Authorization for data access is controlled by the IT Security Office and delegated to research Principle Investigators (PIs). Only those users approved by the (PI) are granted access.
- Systems in the protected network comply with the University IT Security Office’s Server Security Standards, which include requirements for regular patching; removal of unneeded services; centralized logging; running a host-based firewall; running an anti-virus program; and regular backups.
- Backups of data stored in the protected network are encrypted.
- All workstations and laptops allowed to access the data are required by policy enact the following protections on their computers accessing the Protected Network: regular patching; running an antivirus program; encrypt laptops; and enable a host-based firewall.
It is possible to tailor distinctive environments within the protected network. The SSRI Protected Research Data Network, for example, enables localized control of certain capabilities that the Social Sciences Research Institute manages directly. The Social Science Research Institute (SSRI), specializes in helping social science researchers navigate a myriad of issues when dealing with acquiring, storing, securing and using data.
If you are a researcher, a PDF description of the Protected Network, including the associated security protections, is available to include with proposals.
Need to request resources on the Protected Network?
Visit OIT’s ClockWorks service to request storage or virtual machines in the protected network: https://clockworks.oit.duke.edu/secure_projects. Answer "Yes" to the question: "Sensitive Data?"
Need help accessing your resources in the protected network? Access instructions are available in the Duke Knowledgebase.
Please contact the University IT Security Office (firstname.lastname@example.org) with any questions.