The best time to secure information in your project is before you even collect it. Use this guide to think through how your project will handle data at each stage, from creation to deletion.

Plan

This is where you are now. As you scope your project, here are things to consider.

• Define a Data Owner: Who is ultimately responsible for the stewardship of this data? If it isn’t you, make sure they are involved in this planning stages of this project.
• Classify the Data: What is the security...

Fighting Ransomware

Ransomware is malware...

Digital posters are PowerPoint slides with simple security messages. Use them as opening slides for presentations, digital signage, or cycle through a few of them as you wait for people to join your Zoom meeting.

...

... Read more about Infographic - Why Use VPN?

... Read more about Handout - Research Data Security Levels with Examples

The General Data Protection Regulation (GDPR) requires security measures for processing data relating to an identified or identifiable individual located in the EEA, that is, the European Union, Iceland, Liechtenstein or Norway, when such data is acquired in connection with either offering goods or services targeted to persons in the EEA or monitoring the behavior of such persons (GDPR Processing). Harvard units or programs must comply with the GDPR when conducting GDPR Processing. The GDPR requires that security measures be appropriate in light of the potential risks to the affected...

There are several ways to make working-from-home work for you. Review this guide to discover the available options.

Before you do work for Harvard on your personal network, confirm your home wi-fi has a strong unique password. Do not use default passwords from your internet provider or router manufacturer.

Preferred Option: Use your Harvard Laptop

If you have a Harvard issued laptop, your best option for working remotely is to bring your Harvard laptop home. All your custom applications and settings will be...

... Read more about Handout - Work Securely Everywhere

... Read more about Handout - Information Security Policy Quick Reference Guide

University business conducted using University tools is in compliance with University regulations and policy, and is protected by contractual and other security measures not available to consumer tools.

Secure File Transfer Services

The following services provide encryption of attached files sent to specified recipients. Remember, the body of message that accompanies the file is not encrypted, so don't put sensitive information into the message itself. 

Secure File Transfer for the following Schools is available at the links below.

• Harvard Law School: https://hlsfiletransfer.law.harvard.edu

Secure File Transfer using Kiteworks,...

In cases where Harvard is outsourcing management or processing of confidential information to an external service provider, the University contracting agent is required to choose an external service provider capable of maintaining appropriate safeguards for covered data. All vendors having access to Harvard confidential information or performing functions such as credit card processing must agree to protect this information.        

The confidentiality language in the...