About
About
Our team strives to be a trusted partner to the community,
and leaders in information security and data privacy.
Leadership
Michael Tran Duff
UNIVERSITY CHIEF INFORMATION SECURITY AND DATA PRIVACY OFFICER
Michael has devoted his career to serving academic and research institutions. Prior to joining Harvard, he served as Chief Information Security Officer and Chief Privacy Officer at Stanford University. Michael completed his undergraduate and graduate degrees in computer science and physics at MIT, and he later taught undergraduate and graduate computer science courses as a Visiting Instructor at Miami University in Ohio before relocating to Silicon Valley. Today, Michael serves on several advisory boards, providing cybersecurity and privacy expertise.
Our Team
Whether you need guidance or training regarding secure data handling, privacy regulations, systems, or processes; need to assess compliance with university policies; or respond to an incident when something goes wrong, we are here to help.
-
Architecture & Assessments
Develops reference architectures, assesses high risk systems and data and provides risk mitigation guidance.
-
Standards & Culture
Assists our community members in grasping essential aspects of privacy and security, along with their responsibilities, promotes adherence to current standards, and establishes new ones as necessary.
-
Operations & Engineering
Ensures the implementation of appropriate tools and defenses, identifies system vulnerabilities for remediation, and detects and analyzes intrusions.
-
Deputy CISDPO
Fills the role of CISDPO when the CISDPO is not present, measures and reports on our program’s progress and effectiveness, and by leading incident preparedness and response.
-
Privacy Strategy & Integration
Formulates privacy program strategy, builds privacy into all ISDP functions, and leads special projects.
-
Portfolio Mgmt & Governance Support
Facilitates ISDP programs, coordinates monthly OKRs, and ensures effective interactions with governance entities.
School PrivSec Officers (SPSOs)
Works to manage risk in partnership with the University Information Security team by promoting the university program, ensuring that school systems are fortified and vulnerabilities are remediated, operationalizing the university-wide Privacy Principles, and by providing unique school needs.
Contact your School PrivSec Officer with non-urgent Information Security questions or concerns.
Transparency
Harvard University is committed to providing a safe and reliable computing environment for students, faculty and staff. The purpose of this page is to describe some of the methods and protocols used by Harvard Information Security to deliver on that commitment.
Contact
Information security and data privacy at Harvard is managed through a partnership of School "PrivSec" Officers (SPSOs) and the University Information Security and Data Privacy (ISDP) team.
Questions related to ISDP services, Central Administration projects, training, assessments, secure computing, and policy may be directed to ISDP.
School specific research and administrative questions should be directed to your SPSO.
- Email: ithelp@harvard.edu
- Phone: 617 495-7777