Information Security and Data Privacy

Information Security and Data Privacy (PrivSec)

Protecting information is more than just keeping computers online and hackers out. It means systems that prioritize data safety, thoughtful consideration of the information we collect, and careful stewardship of its use.

Our mission is to protect Harvard's information assets and bolster the university's trustworthiness as a steward of personal data.

Learn more about the team
students in auditorium

Know the risks and how to safeguard assets.

Classify Risk

Determine the risk "level".

Apply Standards

Secure system configuration.

Shield Data

Secure data handling.

Know the responsibilities of each role.

Community Members

System Administrators

Data Stewards

Know the frameworks that govern our actions.

Industry Standards and Regulations

Security standards ensure consistent protection and quality in safeguarding systems and data, while privacy regulations provide legal frameworks to protect personal information.

Harvard Enteprise Information Security Policy

This policy outlines the roles and responsibilities for protecting data and systems, ensuring confidentiality, integrity, and availability of University assets.

University-Wide Privacy Principles

While our university-wide privacy principles are aspirational, they reflect common elements found in privacy regulations worldwide, many of which apply to Harvard.

Know the best practices.

Both at home and at the university.

Visit the Best Practices Resource Hub for additional best practices and helpful resources

Apply Updates

Set software to auto-update; install updates and restart if needed.

Download icon

Protect Identity

Use strong, unique passwords; enable multi-factor; utilize password managers.

Thumbprint icon

Stay up to date

Digital Digest

Join the mailing list to receive the Digital Digest newsletter from HUIT.

newsletters

Phish Bowl

Learn about our Phishing Simulation Program and view past phish!

colorful cartoon fish in a fish bowl