Embedded Files
Protecting your research data from malicious actors, accidental deletion, and system failures requires several considerations. Here’s what you can do:
Understand the risk level of your research data
Know the campus resources available for research data storage, backup, and processing
Think about the workflow, or how the data will move between systems for processing and analysis
Understand your responsibilities according to university policies and guidelines
Risk Level
Risk Level
The university’s IT-2 Data Classification Standard details four levels of data risk. University IT resources are classified correspondingly to help you select the resources you need according to the risk level of your data.
Occasionally, a data provider will place restrictions on data that would not normally be considered high risk as a condition of a data use agreement (DUA). In this case, it will be necessary to abide by the agreement in place between the university and the data provider. All DUAs are non-funded agreements, and they need to be routed through research administration channels. No individual investigator is authorized to accept terms or sign agreements outside the routing process. Visit the BSOS Research Administration page or contact BSOSResearch@umd.edu for more information.
Campus Resources
Campus Resources
For most research data, UMD Box is the recommended solution. Box is rated for up to High Risk - Level 3 data and can be accessed securely in several ways, depending on the your workflow (see below). For more information, see DIT's Box FAQs. Box is free to the UMD community and features support for external collaborators, multiple permission settings, and storage limits up to 5TB.
The only appproved environment for Restricted - Level 4 data is the Controlled Unclassified Information Environment (CUIE) managed by DIT. Please contact DIT at it-research-consult@umd.edu as early as possible in project planning if you believe you have restricted data.
If you choose to store research data on your university laptop or desktop, please be aware that it is not backed up by default. DIT offers Code42, a paid backup service.
UMD Box is a better choice for research data storage in most cases and can be accessed from your laptop or desktop just like a drive letter or location using Box Drive and signing in with your UMD credentials. If you're connected to the internet, Box Drive allows you to access and work with data without the need to sync it, i.e., without the need to keep a copy locally on your computer. If you do choose to sync files to your university computer from Box for offline work, be sure you don't sync "High Risk/Level 3" files.
Workflow
Workflow
"Workflow" describes the ordered tasks and transitions that you establish to work systematically with your data and can include:
collecting or acquiring data
storing data
reading, processing, and writing out data (e.g., cleaning, transforming, and analyzing data)
transferring or sharing data with colleagues
disseminating and disposing of data and data products
The security of your entire workflow is as important as the security of your data storage. The computers, software, and networks that "touch" and transmit your data should match (or exceed) the risk level of your data and storage solution.
The security of your entire workflow is as important as the security of your data storage. The computers, software, and networks that "touch" and transmit your data should match (or exceed) the risk level of your data and storage solution.
University data must not be stored or saved on devices not owned by the university. It is strongly recommended that you use only university devices (not personally owned computers) for university business, including research. Because this isn't alway possible, particularly for students and part-time faculty, the university is in the process of developing guidelines regarding usage of personal devices for university business. One solution to the risks posed by using personal devices for university business is to use DIT's Virtual Desktop Environment or the OACS Virtual Lab. These systems enable you to work with data securely by "remoting in" from a device to a virtual computer managed by the university. These systems come pre-loaded with a wide variety of software and can connect to Box and other data storage services, allowing you to securely work with research data. TerpDrives/Kumo allows you to see storage services as a drive "letter" in the virtual workspace, and Box Drive can be installed on your local computer to the same effect.
Other useful tools and resources for building and securing your workflow include:
Terpware for obtaining software licensed by the university
DIT's catalog of approved software as well as software not recommended for use
SecureShare for securely transmitting files up to 100MB
Campus VPN to securely connect to campus resources
Responsibilities
Responsibilities
As a member of the university community, it is your responsibility to protect data used in research and to ensure that appropriate resources are used in accordance with IT policies and standards. If you have questions about which policies, standards, or resources apply to your lab or project, please contact Mary Shelley, BSOS Director of Research Data Science, for assistance.
Page updated
Report abuse