Principles of keeping data safe

Preventing loss and corruption

Files can be lost accidentally in many different ways. Even if they are not lost completely, they can occasionally become corrupted. If a file is severely corrupted it may be unusable, but even subtle corruption may introduce errors which go unnoticed while affecting the outcome of your research.

Things to think about

  • Regular backups: (ideally automated) to several different locations will ensure that if one copy is lost or corrupt, you can easily get it back. When deciding how often to back up, think about the maximum number of days' work you would be prepared to lose. This is why we would recommend using your Research Drive
  • Non-digital data: If you have data which is not kept on computer, you should make sure that is protected too.

Preventing unauthorised access

In many cases, you may wish to restrict access to your data to a specific list of individuals. This might be because it is commercially sensitive to your or an industrial partner, or includes sensitive personal information covered by the Data Protection Act or they are your collaborators.

This is possible by sharing project folders on your Research Drive - select the tab entitled "Shared project folders for Stirling staff" or the tab entitled "Shared project folders for external researchers"

Research data should not be held exclusively on any local storage media, e.g., a pen drive as these can be easily missplaced

Things to think about

  • Legal requirements: You may be under legal and/or contractual obligations to protect your data. If you're not sure, you can discuss this with the university's legal office, who can give you advice on your collaboration or consortium agreements and laws such as the Data Protection Act.
  • Use of secure systems: One way to restrict access is to use a password-protected system, as above. Commercial services such as Dropbox may be convenient, but are unlikely to provide sufficient protection against unauthorised access.
  • Secure passwords: Passwords are often the weak link in any secure system. Make sure you choose passwords that are long and difficult to guess. Writing them down is OK, as long as you protect your written-down password very well, just like you would with your house or car keys.
  • Encryption: You will sometimes need to send data to people who don't have access to your secure storage system. Encrypting a file before you send it via insecure means (e.g. email) ensures that the contents can only be read by someone who has the key.

See the IS Security page for further help and advice, in particular the section on Protecting Your Data.

 

See the University's IT Use Policy, particularly Section 3.4 Ensuring Security, http://www.stir.ac.uk/media/schools/is/documents/policy/itusepolicy.pdf.

 

You will also find the information on security, mobile devices and data protection from JISCLegal a useful reference, http://www.jisclegal.ac.uk/ManageContent/ViewDetail/ID/2326/Security-Mobile-Devices-and-Data-Protection.aspx.

 

Ensuring usability

An often-overlooked aspect of data safety is ensuring that it remains usable. Students and staff arrive and leave on a regular basis, and often it can seem easier to repeat a whole set of expensive experiments rather than try to understand data left behind by researchers who have left the university.

Things to think about

  • Documenting as you work In some research domains, software can be used in such a way that software command files themselves become an important part of the research data and documentation. Ideally, a researcher should train themselves to conduct their activities in such a way that the tasks they perform are recorded clearly in relevant software files, in a manner that will enable replication by others. This practice is widely recognised, for example, in the context of using statistical analysis software, where researchers are generally encouraged to store textual 'command files' (often called 'syntax files', 'do files' or 'scripts') for this purpose. 

  • Documenting data: Record information about the structure and format of your data and the process you went through to obtain it. In some cases this can be stored in the data files themselves; if not, it can be stored in a "read me" document in the same folder as the data.

  • Using standards: Be aware of standard file formats and standard nomenclature (such as letters used for variables) used in your field. Consider using files in open formats so that they can be read by a variety of software.
© University of Stirling FK9 4LA Scotland UK • Telephone +44 1786 473171 • Scottish Charity No SC011159
Portal Logon