Network cameras generally have two functional components, from an IT security perspective: content generation (images, video, other generated data) and network activity.
The content generated by cameras will not be approved, monitored, or controlled in any unique way by the University IT Security Office (the ITSO does reserve the right to request either a copy of security logs or network access to the camera to read the logs). The storage of data, images or other content must be consistent with the University Information Classification Framework. The ISSC or their designee must approve the installation (access controls and physical placements) prior to deployment of the cameras.
Cameras that use the Duke University network must comply with University IT Security Office Server Standard and if a camera uses a web interface,it must also comply with the University IT Security Office Web Application Security Standard. Cameras on isolated wired networks or CCTV cameras are exempt from meeting the ITSO standards.