Pages

    IT Security Policies ↳

    Standard
    These Information Security Requirements apply to everyone at Harvard. They provide additional detail on how to be compliant with Policy and should be used as a normal part of daily life at Harvard in order to keep both Harvard confidential data and your own personal information secure.

    Security Minimal Viable Product Requirements for HUIT Hosted/Managed Server Instances

    Standard
    The scope of this standard extends to all server instances that are within the HUIT domains on a fully-managed basis, or are hosted within HUIT on behalf of customers that administer the server instances. The overarching goal of this work is to satisfy Harvard’s HUIT Information Security Policy Objectives and NIST Cyber-Security Framework (CSF) Objectives.

    ... Read more about Security Minimal Viable Product Requirements for HUIT Hosted/Managed Server Instances

    Website Analytics

    Advisory
    This advisory provides guidance on striking a balance between using website traffic analysis tools (i.e. analytics) to create a better user experience for website visitors and avoiding unnecessary collection of information about our users that could constitute a breach of trust.
    ... Read more about Website Analytics