Security & Privacy

We all have a role to play in protecting Harvard Business School’s (HBS’s) data and systems—and our own. Practicing good security habits is always important, especially so in times of heightened risk. The following small actions can make a big difference in keeping information safe and secure.

Recent headlines have shown that cyber criminals are becoming more brazen and creative in their attempts to gain access to our data and accounts. Sophisticated criminal enterprises are targeting both institutions and private individuals, from large-scale theft of intellectual property to individual identity theft, including filing fraudulent tax returns.

Thank you for your commitment to keeping Harvard’s data safe and secure.

Review various best practices to help keep information and devices more secure.

  • Encrypting Email

    When sending sensitive information to other people, you need to be extremely careful regarding what tools you use.
  • Password Managers

    A password manager can help you juggle the need to have unique complex passwords at every site.
  • Working Remotely?

    These best practices will help you ensure that your home office is safe and secure, both for benefit of the University and for the benefit of you and your loved ones.
  • Apply Updates to Your Devices and Apps

    Cyberattacks exploit vulnerabilities in devices or apps to install malicious code and enable unauthorized access to systems and data. Installing the latest security updates minimizes this risk.

Policies and guidelines are in place at Harvard Business School and across Harvard to help the community ensure compliance and understanding of how to use technology and devices effectively and securely.

  • Personal Devices

    Security requirements, support, and encryption for personal devices.
  • Harvard Policies

    Faculty, staff, and students all have a responsibility for proper handling and protection of confidential information.

There are many ways you can protect Harvard Business School information and data. The following will help you think through the best ways to do that, based on the types of information you're dealing with.

  • Cloud Storage

    A great way to collaborate with others, or simply to access your files from multiple locations.
  • Protecting Data

    Balancing the need to protect data with our ability to use this data in collaborative efforts.
  • Research

    Requirements for conducting research or collecting information from third parties to ensure that your data is protected and that Harvard and you are protected against any liability.
  • Event Planning

    Ensure your participants' data safety as well as the availability of your event's services.

There are various scams and tactics that cybercriminals use to target us everyday. Learn more about common tactics they may use and steps you can take to minimize your risk.

  • Fraudulent Duo Pushes

    Be mindful when your phone asks you to allow a Duo push. You should know (or be able to guess) what triggered a Duo push request.
  • Mobile Payment Alert

    Not all fraud alerts are legitimate. Cybercriminals can impersonate mobile payment companies and send fake fraud alerts to attempt to scam you.
  • Phishing

    Phishing is when an email claiming to be from a legitimate source attempts to trick you into providing your personal credentials or information. 
  • Social Engineering

    A method that bad actors will use to exploit your natural inclination to trust to trick you into giving them sensitive information or access. 

Questions & Issues

We want to help you work efficiently and securely! If you have questions or issues, please contact us.

Urgent IT Security Issues

Faculty, Staff, MBA, & Doctoral Students:
call 617-495-6600.

Executive Education Participants:
call 617-495-8835.

Outside of Standard Business Hours:
Send details to