Data Security and Storage
Data security is important not only to prevent unwanted access to your data but also to prevent data loss.
Table of Contents
Even cautious people can lose data.
Dr. X leads a large, well-funded lab that conducts multiple expansive research projects. Because the lab is so busy, Dr. X and their team also receive many emails every day. Although they have taken some IT training, one of them clicks a link in a carefully-worded email and their research system becomes infected. All of Dr. X’s critical research files are encrypted; locked down until the university pays a ransom.
Depending on how well Dr. X’s research is backed up, they could be facing an impossible decision: lose years of research…or pay up.
Backup strategies, encrypting sensitive data, and data security measures help you store your data safely. This can help avoid data loss through theft or loss of your devices, accidental damage or destruction. It can also help you maintain IT security by avoiding computer viruses, malware, ransomware, and more.
Backup Strategies (3-2-1)
A good data storage plan should balance making your data easily accessible while being reliable and secure.
The good rule of thumb is:
- 3 copies of your data (at least!)
- 2 copies are on-hand (easily accessible) on different systems (internal hard drive, cloud storage, etc.).
- a “production” (working) copy
- a “production backup” copy
- 1 copy is in another location (“off-site”) from the others with a trusted service provider.
Example
1 copy is stored locally on hard drive for analysis
1 copy is stored on cloud storage platform
1 copy is stored in a secure campus drive
If you want to learn more about data backups, check out our workshop “Strategies for Research Data Storage and Backup”.
Research Data Storage Finder Tool
McMaster provides a research data storage finder tool online, which is an interactive tool to help you find, compare, and get access to different storage solutions depending on risk, volume, and other needs.
You can access this tool at https://rdm.mcmaster.ca/finder.
How Should I Protect my Data?
Encrypt Sensitive Data
Image credit: Kevin Patrick Robbins, “Moms to Babies Research, Focus Group,” June 19, 2018, McMaster Asset Bank
Sensitive data is any data that could cause harm if released openly. This includes personally identifiable information or personal health information. It can also include confidential business information (such as data that might lead to a patent), sensitive ecological information (like nesting sites for endangered species), or Indigenous cultural pracitces.
Sensitive data stored on a device that is connected to the internet should be encrypted. Encryption is when information is changed so only a person with the correct password can read it.
- Use “Full disk encryption” if you are using a personal computer or laptop. This is called FileVault on Mac OS and “device encryption” or Bitlocker on Windows.
- Encrypt individual files in Microsoft Office using the “Protect Document” function.
- Other files can be encrypted using Disk Utility on Mac OS or with a third-party tool like VeraCrypt.
For more details about working with and managing sensitive data, check out our workshop “Securely Managing and Publishing Sensitive Data”.
Enable Multi-Factor Authenticator (MFA)
- Also known as 2 factor authentication (2FA).
- Requires more than one code or ‘Factor’ to login - typically 2 factors: password and a security code sent to your phone number or generated by a linked authenticator app.
- Many other web services (Gmail, Dropbox, etc) support MFA.
- MFA is now mandatory for McMaster students, faculty, and staff - learn more here.
Password Best Practices
Make sure your online information is secure by ensuring your password is:
- Strong
- Make a strong password by combining a series of numbers, letters, and symbols into a long series of words. Try to combine them into something memorable - Like L1br@ryt1pS.
- Unique
- Use a different password for every website/service.
- Secret
- Never share your passwords with anybody, even if you trust them. Keep your passwords secret by storing them only in your head. Never send them in an email!
- Fresh
- Change your password once a year or following notification of a data breach.
- Devices
- Use a strong password on your computer and phone, too.
Tip
Remembering multiple passwords can be difficult. Use a trusted password manager to keep track of your passwords for you. Some examples are BitWarden and 1Password.
Common Password Mistakes
Make sure your passwords aren’t:
- Written Down
- Passwords written down on a piece of paper or stored in plain text on a computer may be stolen by somebody with malicious intent or easily lost.
- Too Simple
- Simple or common passwords are easy to guess or brute-force. Examples: apple, rowboat, bumblebee, blizzard, password, admin
- Identical
- Using the same password for multiple websites is like having one key for multiple locks; if it’s stolen, the thief can open them all.
For more tips on data privacy, check out our Data Privacy Best Practices workshop.
Try this quick quiz - Try and guess which of the following practices for storing, securing, and backing up data are true or false?
Key Points / Summary
- Data security and backups can prevent unwanted data access and loss.
- You should have 3 copies of your data, 2 of which should be easily accessible on different systems, and 1 should be stored in an off-site location.
- The Research Data Storage Finder Tool helps you find McMaster-approved storage providers based on size, collaboration, and risk level.
- Encrypt sensitive data.
- Enable Multi-Factor Authentication on all platforms and use a password manager.
Additional Resources
- Research Data Storage Finder Tool
- Disk Encryption Tool: VeraCrypt
- Password Managers: BitWarden, 1Password
Workshops
- Strategies for Research Data Storage and Backup
- Securely Managing and Publishing Sensitive Data
- Data Privacy Best Practices