Gå till huvudinnehållet

Data management

Data storage, backup and transferal

During the research project, you need to consider issues concerning secure data storage, backup, and transferal. Sharing, publishing, and preserving data after your research project is described in Data publishing and preservation.

The following questions need to be considered:

  • Where will your data be stored and backed up?

  • Who will be responsible for backup and recovery?

  • If there are other researchers involved, make a plan with your partners and ensure safe data transfer between participants.

To store and backup data safely:

  • Use data storage services provided and maintained by Arcada. This includes the researcher’s own account on the Arcada network like I:\, Microsoft Office365-applications (e.g. Onedrive for Business).

    • If you do not have a plan for data archival after the research project, this solution is suitable. 

  • Or store your research data in IDA, a Fairdata service for both data storage and data archival. The Fairdata services are offered by the Finnish Ministry of Education and Culture and produced by CSC – IT Centre for Science.

  • Use data storage solutions provided by Arcada unless you have entered into a Data Processing Agreement (DPA) with another system or service provider.

  • In addition to Arcada's computers and data storage and sharing systems, you can use your own personal computer and hardware (e.g., internal/external hard drives) to store and process data in the short term.

    • However, do not use, even on your own computer, such data storage that is connected to or backed-up on Internet clouds (e.g., iCloud, Google Docs, DropBox), but only use local hard drives and data folders that are not backed up on Internet services/clouds.

    • Ensure that the data on your personal computer is properly protected, by keeping the computer updated with security patches and ensuring secure configurations.

    • When using memory sticks or external hard drives, make sure that you erase securely personal data stored on your memory sticks and on your USB disks immediately after use, according to your data management plan. You can also encrypt data on memory sticks and external hard drives by using, for example, zip applications or Office365.

To transfer and obtain data from a data provider or to share data with a research team member or supervisor: 

  • Use OneDrive storage space in your Arcada-provided account for sharing files and collaborating with others. Use the “Specific people”-option to ensure data access control. See the following section on Instructions on sharing files and collaborating with others at Arcada to ensure data security.

  • If you save and store your data in IDA by CSC, use the safe data transfer and sharing measures offered by IDA. See 1.8 I want to share my research data, what should I do? in FAQ of the Fairdata services by CSC.

  • You can use physical memory sticks or external hard drives, in cases where you or the other party do not have access to Arcada's data sharing systems (e.g., OneDrive for Business).

  • Note that you should not ever send or share data by an ordinary, non-secured email, or use systems not provided by Arcada (e.g. DropBox, GoogleDocs, OneDrive for Consumers).

If you work with sensitive personal data or confidential data (e.g. politically sensitive information or trade secrets):

  • Be sure that your storage is safe enough for the data.

  • Do NOT use cloud storage due to its insufficient data protection.

  • Do NOT use external hard drives as the main storing option.

  • Protect the data with encryption. Particularly portable and external storage devices, such as mobile devices, should be encrypted for use, e.g. by using Cryptomator.

  • Data with direct identifiers, contact information, sensitive personal data, and confidential data should not be sent between research team members by email – not even Arcada’s email system.

  • Please contact the Data Protection Officer of Arcada (dataprotection@arcada.fi) if you are unsure about data protection.

Instructions on sharing files and collaborating with others at Arcada to ensure data security

Policy for sharing files and collaborating with others to ensure data security:

  • Our Data Protection policy states that you can’t store documents with a security level in other cloud services than your own OneDrive. This means that you must use OneDrive storage space in your Arcada-provided account when sharing files and collaborating with others. You should demand that other participants in your project collaborate in your OneDrive instead of other cloud providers.
  • Care must be taken when enabling sharing of files. The objective of these instructions is to help you avoid data leakages and ensure that files are shared with the right persons.
  • The recommended way to share files is to use the “Specific people” -option. This requires you to enter the e-mail addresses of the authorized users. They need to log into to the OneDrive portal to access the files. Check with the recipients if they already use OneDrive, perhaps using a different mail address than they use with you. In that case it’s recommended to share the files to the address they already use on OneDrive.
  • The option “Anyone with the link” is the most flexible option, but also riskier as you lack control over who’s got access. This kind of sharing is always time-limited by Arcada's policy. The link expires no later than one year after creation, but it is recommended that you set an earlier expiration date if your project is shorter. Note that the links created when sharing files in this way are confidential and should be shared with care. It must be stressed that recipients aren’t allowed to forward the links to others without your explicit permission.
  • All sharing options allows you to select if the material shall be editable by the other parties. Consider this and enable the option only if needed.
  • Note that it may be hard to tell what’s shared and what’s not. Group similar files together and share the folder rather than individual files. This makes it much easier for you to manage sharing and avoid accidental sharing of files.
  • You should check regularly what you share. The easiest way is to log in to OneDrive on the web (through office.com or the OneDrive systray icon menu on your Windows computer). Select Shared > Shared by you in the left-side menu. Go through the list and delete shares that are no longer needed. It’s especially important to do this when projects end or after organizational changes.

Access control

Consider the following questions about access control of your data:

  • There should be a list of users and all rights granted, and a procedure for withdrawing rights.
    • Who is responsible for controlling access to the data (name the person(s))?
    • How will the access control be carried out? Is there an IT solution e.g. password protection, usage logs, or some physical solution (file cabinet) in use?
    • Who in the research group has access to data and to which data? What are they authorized to do with the data?
    • Why has each access rights (editing, watching, deleting) been awarded?
  • How will data usage be monitored during the study?
  • Describe how information security and the risks for sensitive data have been taken into account. Will sensitive data be stored in an encrypted form? Access control should always be in line with the level of confidentiality involved.

Data erasure

Will your data or some part of the data be destroyed? Personal data that are no longer needed to conduct the research should be disposed as soon as possible. Storage limitation reduces risks related to personal data processing. It is important to permanently destroy any data that includes personal, sensitive or confidential data after their storage is no longer necessary.

See Data disposal by the Finnish Social Science Data Archive (FSD).

As a BSc/MSc/eMBA student, you ought to delete the data no later than 12 months after the thesis is submitted unless you plan to store, reuse or share your data for academic purposes other than completing your thesis/assignment (e.g. for a scientific publication).

  • Save your files to OneDrive and use the delete feature. Remember to empty the trash as well.

Tillgänglighetsutlåtande