IT Strategy: Protecting HBS Information and Data Assets

Strategic Priority: 4. Protect HBS Information & Technology Assets

The Opportunity

A secure organization is of paramount importance to HBS. Within the realm of technology protection—including assets, devices, information, and data—HBS IT aims to emphasize a security-first mindset to proactively identify, assess, and remediate vulnerabilities to minimize risk to the School.

As part of this process, HBS IT must also ensure compliance with privacy standards and regulations while establishing balanced security policies that address cyber-risks, all in partnership with Harvard University IT (HUIT).

Through the initiatives outlined in our Strategic Plan, HBS IT has the opportunity to support the School in reaching these security goals by advancing a proactive and innovative security program that meets evolving technology needs.

The Solution

HBS IT has implemented solutions to minimize the risk of data loss to HBS, including building data redundancies and other mechanisms to combat data loss. The work reduces leakage of sensitive and confidential information outside of where it should be stored or shared.

To meet security remediation goals, HBS IT has also partnered with a managed services provider to streamline security system monitoring and updating. This initiative aimed to safeguard the stability of security service programs.

The Impact & Outcomes

The data loss prevention initiative onboarded and rolled out a data protection tool in FY24, reducing the risk of information leaks and improving the School’s ability to respond when data may be in jeopardy. The tool enhances protection of sensitive data and Personally Identifiable Information (PII) by providing advanced alerting of data leaks outside of areas approved for sensitive HBS or Harvard information.

Security remediation efforts have also made significant progress reducing the number of vulnerabilities in HBS’s footprint. These efforts involve establishing a sustainable process for remediations and risk reduction, allowing HBS to stay ahead of vulnerabilities now and into the future.

While all the initial program objectives in the Strategic Plan were achieved, the team continues additional operational security efforts in FY25 anchored in our security-first mindset.