Storing and securing your data

Transcription

1 Storing and securing your data Veerle Van den Eynden UK Data Service Advanced training course Managing and sharing your research data June 2015

2 Overview Looking after research data for the longer-term and protecting them from unwanted loss requires having good strategies in place for securely storing, backing-up, transmitting, and disposing of data. Collaborative research brings challenges for the shared storage of, and access to, data. Areas of coverage Making back-ups Data storage File sharing and collaborative environments Data security Data transmission and encryption Data disposal

3 Stuff happens: fieldwork nightmare I m sorry but we had to blow up your laptop. What.all my client case notes and testimony, writing, pictures, music and applications. Years of work. NO!!!! Source: lilysussman.wordpress.com

4 Stuff happens: data inferno What if this was your university, your office, your data? Fire destroyed a University of Southampton research centre resulting in significant damage to data storage facilities Source: BBC

5 Stuff happens: hard drive failure Source:

6 Backing-up data It s not a case of if you will lose data, but when you will lose data Make sure you don t lose it for good by keeping additional backup copies Protect against: software failure, hardware failure, malicious attacks, loss, accidents etc. Ask yourself: would your data survive a disaster?

7 Backing-up strategy Consider: What needs to be backed-up? All, some, just the bits you change? What media? External hard drive, DVD, online etc. Where? Original copy, external local and remote copies What method/software? Duplicating, syncing, mirroring How often? Assess frequency and automate the process For how long? How long you will manage these backups for How can you be sure? Never assume, regularly test a restore, and use verification methods

8 Local data storage All digital media are fallible Optical (CD, DVD) & magnetic media (hard drives, tape) degrade lifespan even lower if kept in poor conditions Physical storage media become obsolete e.g. floppy disks Copy data files to new media two to five years after first created

9 Storage services Online or cloud services increasingly popular Google Drive, DropBox, Microsoft SkyDrive etc. Accessible anywhere Background syncing Mirror files Mobile apps available Very convenient Everyone uses them, and that s ok BUT precautions must be taken.. Consider if appropriate, as services can be hosted outside the EU (DPA for personal data) Encrypt anything sensitive or avoid services altogether

10 Other storage options Your university or department may have options available e.g. Secure backed up storage space VPN giving access to external researchers Locally managed Dropbox-like services such as owncloud and ZendTo Secure file transfer protocol (FTP) server Data repository or archive A repository acts as more of a final destination for data Many universities have data repositories now catering to its researchers UK Data Service has it s own recently launched service called ReShare, for social science data of any kind

11 Demo: SyncToy synchronising For syncing two folders - free download from Microsoft User friendly, at the price of power

12 Verification and integrity checks Ensure that your backup method is working as intended Be wary when using sync tools in particular Mirror in the wrong direction or using the wrong method, and you could lose new files completely Applies to online DropBox-like syncing services too You can use checksums to verify the integrity of a backup Also useful when transferring files Checksum somewhat like a files fingerprint but changes when the file changes

13 Demo: MD5 checksum checks Calculate the MD5 checksum value of a file to check its integrate, e.g. after back-up or transfer Example using free MD5summer software ( Mac OSX has built in MD5 functionality Online version of demo:

14 Version control Keep track of different copies or versions of data files Useful for files kept in multiple locations Or which have multiple users A way to safeguard against accidental changes File names are a good way to do this Unique descriptive names for files Include date and/or version number in name Indicate relationships between files e.g. FoodInterview_1_draft; FoodInterview_1_final; HealthTest_ ; BGHSurveyProcedures_00_04

15 Example: version control table

16 Example: Google Drive version control Collaboratively edit documents in the cloud while tracking version history

17 Non-digital storage Printed materials, photographs degradation from sunlight and contact (sweat on skin, acid in paper) use high quality media for long-term storage/preservation e.g. using acid-free paper & boxes, non-rust paperclips (no staples), no sellotape Source: Source: Florida State Archives Confidential items, e.g. signed consent forms, interview notes store securely, in locked container separate from data files

18 Data security Protect data from unauthorised access, use, change, disclosure and destruction Personal data need more protection always keep separate and secure Who knows who s watching..!

19 Data security strategy Control access to computers: use passwords, lock your machine when away from it anti-virus and firewall protection, power surge protection all devices: desktops, laptops, memory sticks, mobile devices all locations: work, home, travel restrict access to sensitive materials e.g. consent forms, patient records Control physical access to buildings, rooms, cabinets Proper disposal of data and equipment Even reformatting the hard drive is not sufficient

20 Encryption Always encrypt personal or sensitive data = anything you would not send on a postcard e.g. moving files, interview transcripts e.g. storing files to shared areas or insecure devices Basic principles Applies an algorithm that makes a file unreadable Need a key of some kind (passphrase, file) to decrypt The UK Data Service recommends Pretty Good Privacy (PGP) More complicated than just a password, but much more secure Involves use of multiple public and private keys Image source: RRZEicons

21 Encryption software Encrypt hard drive, USB drive, folder: BitLocker (Windows) FileVault (Mac) TrueCrypt (unsupported) Encrypt individual files: Axcrypt 7zip *Note: take caution when installing AxCrypt to ensure that you uncheck options to install extra bundled software

22 Demo: Encryption with BitLocker You can use BitLocker to encrypt your hard drive or USB drive

23 Data destruction When you delete a file from a hard drive, the chances are it s still retrievable even after emptying the recycle bin Files need to be overwritten (ideally multiple times) with random data to ensure they are irretrievable File on hard disk drive File deleted from disk X X X X File securely deleted from disk

24 Data destruction software BCWipe - uses military-grade procedures to surgically remove all traces of any file Can be applied to entire disk drives AxCrypt* - free open source file and folder shredding Integrates into Windows well, useful for single files If in doubt, physically destroy the drive using an approved secure destruction facility Physically destroy portable media, as you would shred paper *Note: take caution when installing AxCrypt to ensure that you uncheck options to install extra bundled software

25 Summary of best practise in data storage and security Have a personal backup/storage strategy original local copy, external local copy and external remote copy Copy data files to new media two to five years after first created Know your institutional back-up strategy Check data integrity of stored data files regularly (checksum) Create new versions of files using a consistent, transparent system Encrypt sensitive data crucial if using web to transmit/share Know data retention policies that apply: funder, publisher, home institution and remove sensitive data securely where necessary

26 Scenario: Extending Working Lives Transition from work to retirement How operationalised in the workplace Case studies of organisations Interviews with managers and employees > 50 Observation of HR meetings Data: interview recordings and transcripts, observation notes Which data security measures are needed to handle such data? How to organise data?

27 Scenario: Phoenix Pre-eclampsia research with 900 woman at 25 medical centres in England & Wales Data: Medical data during hospital stay Questionnaire pre and post delivery (6mths, 2 yrs) Which data storage and security measures? How to organise data?

28 Scenario: Project Coast Secret Chemical & Biological Warfare programme S.A. Materials: Military documents Truth & reconciliation commission hearings Press cliipings Correspondence Interview notes Interview recordings Films How to document this data for a public archive

29 Scenario: Bath Spa Research Support How to document musical scores, images, artifacts

30 Questions? Contact details: