Data Security

The following list of security tips are recommended to help researcher to ensure the security of their research data.

Computer Security

  • Regularly back-ups of critical data
  • Lock your workstation/computer and go offline when not in use (Windows key + L)
  • Turn your computers off when you leave for the day
  • Use virus and spyware/adware protection software
  • Use a software and/or hardware firewall
  • Regularly download software security patches

Password Management

  • The longer the better
  • Should be changed every 3 months
  • Should not be found in any dictionary in any language
  • Never write them down or share them with anyone
  • Use alphanumeric characters
  • Misspell woords & add speshul ch@ract3rs
  • Easy to remember phrases can equal complicated passwords

Physical Security

  • Keep confidential documents off your desk
  • Do not share your access
  • Take note of strangers in your area
  • Use laptop locking devices
  • Keep a record of make, model, serial number
  • Do not store laptops in your automobile
  • Store confidential data in a water/fire proof safe

Internet Data Collection Security

  • IP addresses can identify an individual’s computer
  • Use a sophisticated website script that prevents people from abusing and spamming your online data collection
  • Email is not a secure method of data collection. If you must use email, you should use “encrypted” email (e.g., PGP encryption).

Cloud Computing

  • Examples include the following types of third party services: Social Networking Services, Online Backup Services (e.g., Dropbox), Google Docs, Network Storage, Web-based Email (e.g. Gmail, Hotmail).
  • Identifiable research information cannot be stored on a third party cloud computing environment
  • Information stored in a cloud computing environment may be considered the cloud vendor’s data. If you opt to use these services for storing anonymous data, be aware of the vendor’s usage policy and privacy policy.

Types of Confidential Information

  • Financial information
  • Medical information
  • Personal information (e.g., IC, birthdates, etc)
  • Academic records (e.g., grades, evaluations, etc)
  • Identifiable human subject research
  • Industry secrets and defense research
  • Patentable research

Protecting Confidential Data

  • Use encryption to protect confidential files
  • Windows XP Professional has the Encrypting File System (EFS)
  • Windows 7 has the BitLocker Drive Encryption
  • Store all critical information on removable media with encryption
  • Keep confidential files off of network drives
  • Remove identifiers and randomly code confidential data

Disposal of Confidential Data

  • Use cross-cut shredders better than strip-cut shredders to destroy paper-based confidential data.
  • Data ARE NOT completely deleted off of your hard drive if you just click the delete button, empty the recycle bin, or reformat the hard drive on your computer.
  • Use data erasing software program to make sure the data had been deleted from your hard drive.

Free Security Programs

There are free programs which user have to pay software applications. Please review the license agreement for each software application prior to installing it on your computer.

  • Anti-Virus
    • Windows Defender
    • Avast
  • Adware/Spyware Remover
    • Malwarebytes
    • Adaware
    • Spybot Free
  • Firewall
    • ZoneAlarm Free Firewall 2018
    • Kerio Personal Firewall 4
  • File Archiver/Zip Utility
    • 7-Zip
  • Folder Synchronization Backup Utility
    • SyncBackFree
  • Temp File Cleaner
    • CCleaner
  • Secure File Erase Utility
    • Eraser
  • Secure Drive Erase Utility
    • Darik’s Boot and Nuke
  • Secure File Encryption Utility
    • AxCrypt
  • Secure Drive Encryption Utility
    • Bitlocker (Windows 10)
    • FileVault 2 (Mac)
  • Password Manager
    • KeePass Password Safe
    • KeyWallet

 

 

Advertisements