Keeping our data and systems safe and secure

March 22, 2022

The following message was sent to the Harvard community by UCIO Klara Jelinkova on Tuesday, March 22, 2022. 

Dear Members of the Harvard Community,

Recent headlines have shown that cyber criminals are becoming more brazen and creative in their attempts to gain access to our data and accounts. Sophisticated criminal enterprises are targeting both institutions and private individuals; from large-scale theft of intellectual property to individual identity theft, including filing fraudulent tax returns.

We all have a role to play in protecting Harvard’s data and systems—and our own. Practicing good security habits is always important, especially so in times of heightened risk. The following small actions can make a big difference in keeping information safe and secure.

 
Be alert for suspicious messages
 

Cyberattacks often begin with fraudulent “phishing” messages intended to make you open a file, click a link, install a plug-in or tool, or make a payment. These messages often impersonate trusted contacts and use emotive or urgent language to ask you to do something out of the ordinary, or something ordinary in an unusual way.

If you receive a suspicious message:

  • Do not click any links or open any attachments
  • Forward the message to phishing@harvard.edu
  • Delete the message

Find more tips on how to spot phishing messages here.

 
Protect your accounts
 

Two-step verification significantly improves the security of your HarvardKey account. However, if you see repeated Duo push notifications asking you to approve a login that you didn’t initiate, it could mean someone else is attempting to access your account.

If you receive an uninitiated Duo push notification:

Find more tips on protecting your accounts and logins here.


Apply updates to your devices and apps
 

Cyberattacks exploit vulnerabilities in devices or apps to install malicious code and enable unauthorized access to systems and data. Installing the latest security updates minimizes this risk.

  • Harvard devices and apps: Allow updates to install and reboot as soon as you can. Do not defer important security updates.
  • Personal devices and apps: Ensure automatic updates are enabled and reboot your devices at least once a week:

Find more details on keeping your devices and apps up to date here.

If you have security questions or concerns, or if you need to report an incident, please contact ithelp@harvard.edu. Thank you again for your commitment to keeping Harvard’s data safe and secure. 
 
Sincerely,

Klara Jelinkova
Vice President and University Chief Information Officer