Data management helps you to avoid data loss and to protect sensitive or personal data during your research.
Having a backup strategy in place for your research data gives you insurance against two serious threats your data faces during your research process:
The 3-2-1 backup rule asks you to have at least three copies of your data on at least two different kinds of storage media and to keep at least one copy in a different location.
Using the cloud storage of the University of Limerick (see below) makes the implementation of a backup strategy much easier as you do not need to worry about failure or loss of physical storage media. Cloud storage takes care of the 3-2-1 backup rule with multiple copies in multiple locations (and on various media).
Cloud storage also safeguards against accidental data loss. UL OneDrive allows you to retrieve previous versions of your data or to recover deleted files for up to three months. It is nonetheless good research practice to keep multiple (significant) iterations of your data. This helps you to revert back to an earlier version if your data processing goes awry and also helps you to keep track of (and document) all processing steps in order to make your research reproducible. Keeping multiple versions of your data can be done in the cloud storage if you implement good practices regarding file and folder names.
UL’s OneDrive for individual research projects
OneDrive is the university’s recommended option for cloud-based storage of personal work files and can be used with UL credentials by all staff and students. ITD provides guides on OneDrive.
OneDrive gives you a good framework to handle personal data. To increase safekeeping of personal data it is advised to handle them in the cloud only (via a browser) and not to download personal data onto your device. This is particularly important if you use your own device and not an UL owned device that provides additional security via encryption. ITD provides guidelines for personal data in OneDrive. OneDrive can be used to share data with others (How-to guide by ITD).
Please note that access to UL’s OneDrive storage will be lost after graduation or leaving the university and the content of your OneDrive would not be retained by the university. Data sets underpinning research results after the completion of a research project (or stage of a project) should be made (permanently) accessible via a data repository.
UL’s MS Teams storage for collaborative research projects
While files and folders in OneDrive can be shared, collaborative research projects are better served by setting up a MS Teams storage space (MS Teams guidance by ITD).
All university members can set up a collaborative cloud storage space for a research team with their UL credentials. Team members from other institutions can be included.
If a research team uses a collaborative file storage data management responsibilities and ownership of the data needs to be clarified before the start of the research project. It is also recommended to agree upon and implement conventions for file and folder names.
Storing personal and sensitive data in collaborative cloud storage needs particular attention and care. As the admin of a Teams storage space, you can manage access and editing rights, but protocols for transferring and handling such data in general and particularly on machines not owned by UL need to be in place and be understood and obeyed by all team members working with such data (see below).
MS Teams storage spaces are intended for data storage and management in ongoing research projects. Data sets underpinning research results after the completion of a research project (or stage of a project) should be made (permanently) accessible via a data repository.
Usage of other cloud storage providers
At the University of Limerick the recommended cloud storage solutions are provided by Microsoft (OneDrive, Teams, Sharepoint). UL has no central contract with Google (or any other cloud storage provider). While you can use your UL credentials to sign in to Google services we do not recommend or support the use of Google storage services for UL data.
Storage in collaborative projects
In collaborative projects with other institutions, you will usually have joint responsibility for the secure storage of research data. In these situations, you need to agree with the other institution where the research data will be held (GDPR requires a Joint Controller Agreement in these cases). The solution can be UL’s Teams storage, or a service provided and supported by the partner institution.
IT Security
When handling research data you should follow best practices in IT security and adhere to UL’s IT Security Policy. This involves:
Mobile devices represent a significant risk to data security. If you use Ul owned mobile devices for your research the ITD Mobile Device Procedure applies.
If you use your own devices (computers or mobile devices) to handle research data be cautious and follow the ITD Personal Device Procedure.
Encryption
Encryption provides an additional layer of security against unauthorized access in storing data in a way that is only readable with a key (ITD guidance). Encryption can be applied at the device level or at file (or folder) level.
Using UL's cloud storage (OneDrive, Teams storage) protects personal data via encryption. The best advice is therefore to handle personal data remotely in the cloud via the browser. If there is a need to handle personal data directly on a UL-owned laptop then this is possible because they are set up with encryption on the device level. In any case: follow the advice of the Data Protection Office on Keeping Personal Data Secure.
If you use your own device, you should never download and store personal data on it. You can however use your own device to access research data containing personal data from your research project and work online in UL Cloud Storage. Cloud storage can also be used to safely give access to team members as you can manage and control access rights (removing the need to email data).
The encryption on UL-owned devices, the security and collaborative features of UL’s cloud storage solutions and the adherence to data protection advice render the encryption of data on the file/folder level unnecessary in most cases. It is however an important part in research workflows with particularly sensitive personal data (for example about vulnerable groups like children). File/folder level encryption can be done with MS Office programs like Word and Excel (an option when saving documents) or with tools like WinZip. Encryption on file/folder level increases the complexity of your data management as you need to always keep encrypted data and the key/password separate.