IT Security Policy
Last updated: July 1, 2013
- In an effort to ensure better password security, Trinity Technology Services audits passwords for accounts granted on the Trinity College of Arts & Sciences network. All passwords are tested.
- Any user whose password is found to be insecure is notified and asked to change the password within a specified period of one week or longer. The user's local IT support staff is also notified.
- At the end of the specified period, accounts with passwords that remain insecure are disabled.
- To re-enable the account, a user must seek the assistance of appropriate Trinity Technology Services staff. A temporary password is issued and the user is directed to the Duke IT Security Office Password Security page for advice on choosing a secure password. A password change is forced at login.
All staff in Trinity Technology Services are required to sign the IT Confidentiality Agreement [PDF].
This document defines authorized and unauthorized access to both paper and electronic information in the context of IT staff's work-related responsibilities, and stipulates practices and measures to safeguard the confidentiality of information on Duke networks and systems.
- We request that all computers connected to the A&S Network be administered by Trinity Technology Services professionals.
- By default, root access and administrative rights on all computers are assigned to a Trinity Technology Services professional.
Users may receive administrative rights to their computers after submitting the associated request form. However, Trinity Technology Services staff will retain administrative access to these machines. The process is meant to ensure that:
- Users become educated in and take responsibility for following standard procedures and guidelines associated with sudo access/administrative rights.
- Users follow standard written procedures for documenting the purchase of any licensed software they install.
- Laptop users must receive administrative access through the certification process described above to manage their laptops when off campus.
Computers are administered in accordance with standard configurations, and all computers must have:
- remote management software installed to facilitate administration, upgrades and support;
- active, properly configured anti-virus software;
- service packs or patches as deemed necessary by Trinity Technology Services staff.
- Network monitoring and intrusion detection are performed as deemed necessary and appropriate by designated University IT staff.
- Users are asked to follow safe and appropriate computer use practices, in accordance with the Duke University OIT Computer Policies and Guidelines and their departmental computer system user policies where they exist.
- All remote access services must be certified by Trinity Technology Services staff. These services include review of firewall configurations and the monitoring of system logs. In addition, password security is regularly tested, and accounts with crackable passwords are disabled and account holders are notified.