Best Practices - Secure Your Digital Footprint
What Is A Digital Footprint?
Every click, post, and account sign-up leaves a mark online, forming a "digital footprint"; a trail of data that can reveal much more about you than you might expect, especially when these pieces are combined. While complete anonymity or privacy online isn’t possible, you can take steps to protect your data by actively managing your digital footprint. Being intentional about what you share, and where you share it, helps keep your information safer and reinforces your cybersecurity. The goal isn’t to disappear entirely, but to maintain thoughtful control over your personal information online.
Best Practices
Search yourself online
- Search your name on major search engines to see what information is publicly available. If you find personal details in Google results, use the “Remove result” option (the three vertical dots next to the link) to request removal—though this won’t delete the information from the original website.
- For ongoing monitoring, use Google’s “Results about you” tool. Removing your data can be time-consuming, but there are services that can help; see this Consumer Reports article for more.
- Periodically check your email address on Have I Been Pwned to see if it has appeared in any data breaches. If your email is compromised, change the password immediately and update it for any accounts where you’ve reused that password.
Avoid creating unnecessary new accounts
- Many websites encourage you to create accounts to collect your data, but every new account increases your risk of spam, tracking, and data breaches. Use guest checkout whenever possible, fewer accounts mean a smaller digital footprint and less to manage.
Use Alternate Email Addresses and Phone Numbers
- Consider having separate email addresses for different purposes, such as personal, academic, or social media use.
- To protect your primary contact information, set up an intermediate phone number or email (e.g., through services like Google Voice) to use instead of your main number.
Enable Multi-factor Authentication (MFA)
- Adding an extra layer of security, such as MFA, makes it significantly more difficult for hackers to access your accounts, even if your password is stolen.
Review and adjust your privacy settings
- Limit what is publicly visible on your social media profiles.
- Restrict the types of data that platforms like Google, Facebook, and Apple can access, store, and track by adjusting your privacy settings. For step-by-step instructions, consult this Manage Your Privacy Settings guide.
Consider delisting from University Directories
- If you’re concerned about privacy or security, you may request removal of some or all of your personal information from University directories.
- Students can adjust their profile settings in Harvard directories by following these student instructions.
- Faculty and staff can follow these instructions, and will need to provide a brief explanation for their request.
- Note: Members of the community should be aware that these instructions may not result in the delisting of all Harvard-related programs and activities. Reach out to your Harvard affiliations (academic department, extracurricular activities, etc.) if you wish to make a similar request.
Steps to Take if You’ve Become the Target of Harassment
At the University:
- If you're being harassed online, there are some steps you can take to combat potential harms, including requesting takedowns of abusive content or false statements, managing attacks on social media, documenting evidence, and managing email settings. Visit our Respond to Online Abuse, Harassment and Intimidation page for guidance.
- If you or those close to you are in imminent physical danger or there has been a direct threat of physical violence, you should immediately call the Harvard University Police Department at (617) 495-1212 if you are on the Harvard campus. If you are not on campus, call 911.
General Best Practices:
Social Media Settings
- Consider temporarily disabling your social media profiles or switching them to private, so only those you are connected to can post or comment. Although your first instinct may be to respond and defend yourself online, responding to harassing messages can tend to prolong and inflame incidents. Online attacks can be intense, but they are not usually sustained for long periods of time. Other steps you can take include:
- Ignore: The goal of social media agitators (commonly referred to as trolls) is to elicit a response. In many cases, trolls move on if you ignore them long enough.
- Mute: If what someone is saying about you online is causing you distress, you can change your settings to mute them. The harassing party normally is not notified that you’ve muted them, and you can ignore their comments. If you are worried their comments may become threatening, ask a friend or colleague to check your feed on your behalf.
- Block: Several social media platforms allow you to selectively prevent others from following you, seeing your posts, or commenting on your content. Please note that when you block someone, they may receive a notification or be able to see that you’ve blocked them, depending on the platform, and may choose to criticize you on their own channels.
- Report: Reporting a user’s behavior to social media platforms could result in their account being suspended if they violated the platform’s guidelines. This strategy has limitations, as harassing messages might come from multiple accounts, making it difficult to pinpoint a culprit. Additionally, some posts might be harassing in nature but not violate specific platform guidelines.
- LinkedIn professional connections can be at particular risk if they are found to be engaging in political activities. To disable the public visibility of your profile, go to your public profile settings, and on the right-hand side you will see “Your profile’s public visibility.” Switch this setting to “off”. Further information can be found here.
- Consider temporarily disabling your social media profiles or switching them to private, so only those you are connected to can post or comment. Although your first instinct may be to respond and defend yourself online, responding to harassing messages can tend to prolong and inflame incidents. Online attacks can be intense, but they are not usually sustained for long periods of time. Other steps you can take include:
Monitor Your Accounts
- Create a way to monitor what’s going on, so you can assess any risks. Set a Google alert for your name or any keywords. Add a filter in your Gmail. Ask a friend to monitor your accounts and email you.