Secure your research data

Research data can be vulnerable to unauthorized access, file corruption, or data loss if not treated appropriately when using, saving, or sharing files. Identifying technical solutions and processes that will be used to secure your data files is an important component of planning for data management.

Back up data

Important data should never only exist on a single disk or a single computer at any one time. Computer hard drives can and do fail, and mobile devices can be lost or stolen.

Make sure to have adequate back ups, with three copies stored in two different locations.

  • one local working copy (e.g. your laptop or workstation)
  • one external copy local to SFU (e.g. SFU OneDrive or other local storage)
  • one extra copy elsewhere (e.g. external disk drive)

Be cautious when using cloud services. While being able to easily share files with collaborators and having the contents of a single folder automatically replicated are very useful features and researchers frequently use them, ethical standards and current privacy legislation will not allow data involving human subjects to be stored in most cloud services such as Dropbox or Google Drive. Doing so may expose you or your research to other liabilities.

Encrypt data

Encryption strategies can provide extra security for confidential or sensitive data. In general, encryption means that files are saved in a "scrambled" state and are only readable to users with the correct password or credentials. It is important to maintain any credentials or encryption keys separately from the data itself. If the encryption key is lost, the data will be inaccessible.

Local encryption can protect unauthorized access to data if the physical copy is lost or stolen. Some options are:

  • BitLocker for Windows computers, which can be enabled in the Settings menu. This can encrypt disk volumes and USB devices.
  • FileVault for Mac OS, which is usually enabled by default.

Most forms of data transfer (such as email) do not include encryption at all points. This means that it is possible to intercept the transmission and access the data being transferred. Even messaging apps that advertise end-to-end encryption may still collect metadata or require that both parties enable encryption. 

For more information, see the UK Data Services recommendations for encryption.

Additional resources

File formats for your research data
Help ensure long-term accessibility to your research data by making informed file format decisions.

Safeguard your data
Developed by a  joint Government of Canada-Universities Working Group, this portal provides a number of resources for assisting in assessing and securing your research data