Storing and securing your data Research Data Management Support Services UK Data Service University of Essex April 2014
Overview Looking after research data for the longer-term and protecting them from unwanted loss requires having good strategies in place for securely storing, backing-up, transmitting, and disposing of data. Collaborative research brings challenges for the shared storage of, and access to, data. Areas of coverage Making back-ups Data storage File sharing and collaborative environments Data security Data transmission and encryption Data disposal
Stuff happens: fieldwork nightmare I m sorry but we had to blow up your laptop. What.all my client case notes and testimony, writing, pictures, music and applications. Years of work. NO!!!! Source: lilysussman.wordpress.com
Stuff happens: data inferno What if this was your university, your office, your data? Fire destroyed a University of Southampton research centre resulting in significant damage to data storage facilities Source: BBC
Stuff happens: hard drive failure Source: http://blog.backblaze.com/2013/11/12/how-longdo-disk-drives-last/
Backing-up data It s not a case of if you will lose data, but when you will lose data Make sure you don t lose it for good by keeping additional backup copies Protect against: software failure, hardware failure, malicious attacks, loss, accidents etc. Ask yourself: would your data survive a disaster?
Backing-up strategy Consider: What needs to be backed-up? All, some, just the bits you change? What media? External hard drive, DVD, online etc. Where? Original copy, external local and remote copies What method/software? Duplicating, syncing, mirroring How often? Assess frequency and automate the process For how long? How long you will manage these backups for How can you be sure? Never assume, regularly test a restore, and use verification methods
Local data storage All digital media are fallible Optical (CD, DVD) & magnetic media (hard drives, tape) degrade lifespan even lower if kept in poor conditions Physical storage media become obsolete e.g. floppy disks Copy data files to new media two to five years after first created
Storage services Online or cloud services increasingly popular Google Drive, DropBox, Microsoft SkyDrive etc. Accessible anywhere Background syncing Mirror files Mobile apps available Very convenient Everyone uses them, and that s ok BUT precautions must be taken.. Consider if appropriate, as services can be hosted outside the EU (DPA for personal data) Encrypt anything sensitive or avoid services altogether
Other storage options Your university or department may have options available e.g. secure backed up storage space VPN giving access to external researchers locally managed Dropbox-like services such as owncloud and ZendTo secure file transfer protocol (FTP) server Data repository or archive a repository acts as more of a final destination for data many universities have data repositories now catering to its researchers UK Data Service has it s own recently launched service called ReShare, for social science data of any kind
Demo: SyncToy synchronising For syncing two folders - free download from Microsoft User friendly, at the price of power
Verification and integrity checks Ensure that your backup method is working as intended Be wary when using sync tools in particular mirror in the wrong direction or using the wrong method, and you could lose new files completely Applies to online DropBox-like syncing services too You can use checksums to verify the integrity of a backup Also useful when transferring files Checksum somewhat like a files fingerprint but changes when the file changes
Demo: MD5 checksum checks Calculate the MD5 checksum value of a file to check its integrate, e.g. after back-up or transfer Example using free MD5summer software (http://www.md5summer.org/) Mac OSX has built in MD5 functionality Online version of demo: www.dataarchive.ac.uk/media/361550/storingyourdata_checksumexercise.pdf
Version control Keep track of different copies or versions of data files useful for files kept in multiple locations or which have multiple users a way to safeguard against accidental changes File names are a good way to do this unique descriptive names for files include date and/or version number in name indicate relationships between files e.g. FoodInterview_1_draft; FoodInterview_1_final; HealthTest_06-04- 2008; BGHSurveyProcedures_00_04
Example: version control table
Example: Google Drive version control Collaboratively edit documents in the cloud while tracking version history
Non-digital storage Printed materials, photographs degradation from sunlight and contact (sweat on skin, acid in paper) use high quality media for long-term storage/preservation e.g. using acid-free paper & boxes, non-rust paperclips (no staples), no sellotape Source: http://www.tramway.co.uk/ Source: Florida State Archives Confidential items, e.g. signed consent forms, interview notes store securely, in locked container separate from data files
Data security Protect data from unauthorised access, use, change, disclosure and destruction Personal data need more protection always keep separate and secure Who knows who s watching..!
Data security strategy Control access to computers: use passwords, lock your machine when away from it anti-virus and firewall protection, power surge protection all devices: desktops, laptops, memory sticks, mobile devices all locations: work, home, travel restrict access to sensitive materials e.g. consent forms, patient records Control physical access to buildings, rooms, cabinets Proper disposal of data and equipment Even reformatting the hard drive is not sufficient
Encryption Always encrypt personal or sensitive data = anything you would not send on a postcard e.g. moving files, interview transcripts e.g. storing files to shared areas or insecure devices Basic principles applies an algorithm that makes a file unreadable need a key of some kind (passphrase, file) to decrypt The UK Data Service recommends Pretty Good Privacy (PGP) more complicated than just a password, but much more secure involves use of multiple public and private keys Image source: RRZEicons
Encryption software Many free software options that are easy to use TrueCrypt http://www.truecrypt.org/ Free, cross platform AxCrypt* http://www.axantum.com/axcrypt/ Free, Windows only Encrypt hard drives, or partitions of hard drives, Encrypt files and folders Encrypt portable storage devices such as USB flash drives *Note: take caution when installing AxCrypt to ensure that you uncheck options to install extra bundled software
Demo: Encryption with TrueCrypt You can use TrueCrypt to create a reusable encrypted storage space (or volume ) See also alternative demo of encryption with Safehouse Explorer (Windows only): www.dataarchive.ac.uk/media/312652/storingyourdata_encryptionexercise.pdf
Data destruction When you delete a file from a hard drive, the chances are it s still retrievable even after emptying the recycle bin Files need to be overwritten (ideally multiple times) with random data to ensure they are irretrievable File on hard disk drive File deleted from disk X X X X File securely deleted from disk
Data destruction software BCWipe - uses military-grade procedures to surgically remove all traces of any file Can be applied to entire disk drives AxCrypt* - free open source file and folder shredding Integrates into Windows well, useful for single files If in doubt, physically destroy the drive using an approved secure destruction facility Physically destroy portable media, as you would shred paper *Note: take caution when installing AxCrypt to ensure that you uncheck options to install extra bundled software
Summary of best practise in data storage and security Have a personal backup/storage strategy original local copy, external local copy and external remote copy Copy data files to new media two to five years after first created Know your institutional back-up strategy Check data integrity of stored data files regularly (checksum) Create new versions of files using a consistent, transparent system Encrypt sensitive data crucial if using web to transmit/share Know data retention policies that apply: funder, publisher, home institution and remove sensitive data securely where necessary
Contacts Collections Development team UK Data Service University of Essex datasharing@ukdataservice.ac.uk