About

About

Our team strives to be a trusted partner to the community,
and leaders in information security and data privacy.​

Contact Us
harvard shield

Leadership

Michael Tran Duff

UNIVERSITY CHIEF INFORMATION SECURITY AND DATA PRIVACY OFFICER

Michael has devoted his career to serving academic and research institutions.  Prior to joining Harvard, he served as Chief Information Security Officer and Chief Privacy Officer at Stanford University.  Michael completed his undergraduate and graduate degrees in computer science and physics at MIT, and he later taught undergraduate and graduate computer science courses as a Visiting Instructor at Miami University in Ohio before relocating to Silicon Valley.  Today, Michael serves on several advisory boards, providing cybersecurity and privacy expertise.

CHIEF INFORMATION SECURITY AND DATA PRIVACY OFFICER

Our Team

Whether you need guidance or training on secure data handling, privacy protections, systems, and processes; support in assessing compliance with University policies; or assistance responding to an incident when something goes wrong, we are here to help.

Architecture & Assessments

Builds reference architectures, examines systems, data, and third-party relationships for potential risks, and delivers strategies for risk mitigation.


 

Standards & Culture

Assists community members in grasping essential aspects of privacy and security, along with their responsibilities, promotes adherence to current standards, and establishes new ones as necessary.
 

Operations & Engineering

Ensures the implementation of appropriate tools and defenses, identifies system vulnerabilities for remediation, detects and analyzes intrusions and manages Data Subject Rights Requests.

Deputy CISDPO

Fills the role of CISDPO when the CISDPO is not present, measures and reports on the program’s progress and effectiveness, and by leading incident preparedness and response.​

Privacy Strategy & Integration

Formulates privacy program strategy, builds privacy into all ISDP functions, and leads special projects.​

Portfolio Mgmt & Governance Support

Facilitates ISDP programs, coordinates monthly OKRs, and ensures effective interactions with governance entities.​​

School PrivSec Officers (SPSOs)

School PrivSec Officers work in partnership with the University Information Security and Data Privacy (ISDP) team to manage risk by promoting the University program, ensuring school systems are fortified and vulnerabilities are remediated, operationalizing the University-wide Privacy Principles, and addressing the unique needs of their schools.

Contact your School PrivSec Officer with non-urgent questions, concerns, or school-specific research and administrative inquiries.

View SPSOs (HarvardKey required)

Contact

Information security and data privacy at Harvard is managed through a partnership of School "PrivSec" Officers (SPSOs) and the University Information Security and Data Privacy (ISDP) team.

Questions related to ISDP services, Central Administration projects, training, assessments, secure computing, policy and principles should be directed to ISDP.