Skip to main content

Research Data Management: Use and Store

Data Storages

  

When choosing a storage for the research data, you have to consider several things: 

  • what kind of research data you will produce and how it will be processed? (the type and amount of research data may prevent usage of some storage services)
  • how are you going to save, store, use, backup and transfer your data?
  • to whom are you going to share the data?
  • what kind of access control you need?
  • are you going to actively modify your data?
  • is your data sensitive?

If you can answer these questions, it helps to determine what kind of storage system you need. Storage services provided by Tampere higher education community can be modified according to need.

Photo by Stas Knop on Pexels

Data storage services at Tampere higher education community

Personal storage space

  • Protected and backed-up personal network disk space for members of the academic community
  • For storing sensitive or non-sensitive data (p suitable for materials which may not be stored in a cloud service)
  • For storing personal work files and research data

Group storage space

  • Network disk space reserved for groups and protected from outsiders
  • For storing sensitive or non-sensitive data (p suitable for materials which may not be stored in a cloud service)
  • Files stored on the group disk space are accessible to all group members

Cloud storage

  • Office 365 OneDrive for Business can be used as a cloud storage and for sharing files with other users (also for external users)
  • For storing non-sensitive data only
  • The storage space is 1TB

Storage on a virtual server

  • A virtual server for storaging needs or for other purposes
  • For storing sensitive or non-sensitive data
  • Can be modified according to need

IDA - Research data storage service

  • A service provided by CSC (IT Centre for Science)
  • Meant for storing stable research data
  • For non-sensitive data only
  • Can be used for sharing files (also for external users)
  • Becoming an IDA user

More about data storage services (in Finnish) and computing and processing support (Tuni intra) at Tampere higher education community. Please contact it-helpdesk@tuni.fi for more information

Does your research include processing sensitive or confidential data?

A risk assessment is used to determine the required protective measures for the entire lifecycle of the data.

  • Use safe storages for your data (e.g. group or personal storage space, virtual server, ePouta (CSC)
  • If your data can be accessed remotely, how is remote access protected?
  • Encrypt your mobile devices and external storage devices if needed. If data encryption is necessary please consider following:
    • Which parts of the data are encrypted?
    • Which encryption tools are used?
    • Who manages encryption keys and passwords?
  • Do NOT USE external hard drives as the main storing option.
  • Do not use cloud storages because they are not safe enough.

Data service

Data Service at Tampere higher education community helps you manage your research data. Our service comprehends library, IT-support, research and innovation services, document management and law department together with Tietoarkisto (FSD).

We offer service, tools and training for gathering, documenting, storing and sharing the data. Our service ­supports the implementation of FAIR in all phases of your research project. You can contact us at researchdata@tuni.fi

Backup and version control

With backups we refer to the creation of additional copies of your data that can be used to restore data if the original is damaged or deleted. You should always have at least 3 copies of your data, and copies should be geographically distributed.

  • Original - Local copy - Remote copy

Many data storage systems have automatic backup functions and even some version management tools are included. It's recommended to choose your data storage according to that if possible. Do not count backup functions as a part of version management though, you should always have other copies of your data despite of backups.

  • Whichever backup method is used, it is recommended not to overwrite old backups with new ones.
  • It is important to verify and validate backup files regularly by fully restoring them to another location and comparing them with the original.
  • Use automatic backup systems provided by data storages if possible, but consider keeping your own backups alongside.

Version control

The idea of version control is to make copies of files while processing them further and to be able to go back and retrieve earlier version of any file if needed. It is important to ensure that different copies in all different locations are subject to version control. You can manage your version control many ways. A simple version control can just be based on saving multiple versions of your files and naming them descriptively enough. This method might not be enough if collaborating with multiple people though, it would be better to establish some ground rules for version control.

Some storage services offer version control features like snapshots and backup versioning, some services automatically create new versions of your files every time you modify them and some services offer version branching and merging. These are technical tools for version control to enhance working or to help users in situations when their own version control fails. Version control tools like snapshots or any backup related tools should not be regarded as a part of your version management as backups are for recovering from the worst case scenarios when your own version control fails.

Best practices:

  • Decide how many versions of a file to keep, which versions to keep and how to organise versions
  • Major and minor versioning, and how to set milestones
  • Systematic naming
  • Record changes
  • Tracking the location of files if they are stored in a variety of locations
  • Synchronise files
  • Identify one location for the master versions
  • Control rights to file-editing

Control access to your data

 

Access to personal data must be limited to those individuals for whom it is necessary in order to carry out the research. Please take into account that this group also includes the parties that maintain the services and equipments used, and other external service providers, if any.

  • Who is responsible for controlling access to your data?
  • How is user and access control implemented?
    • Is there a password protection
    • Do the storage services maintain a log on data use? Remember that you should be able to monitor data usage.
    • Do you have some physical solution (file cabinet) in use?
  • Who in the research group has access to which data? Remember that you should have a list of all who have access rights to your data, and a procedure of cancelling rights.
  • Why has each access right (editing, watching, deleting) been awarded?
  • Tell how information security and the risks from sensitive data have been taken into account. Will sensitive data be stored in an encrypted form?
  • Describe the security of the premises
    • How are the facilities used for processing the data protected?
    • Can the doors of the facilities be locked?
    • Does the property have recording video surveillance?
    • Are there burglar-proof storage fixtures/fittings and facilities available for physical material and storage equipment?
    • Are the workstations equipped with screen guards?
  • After they are no longer needed, how will data and copies be disposed in a safe and secure manner?
Tips for best Practices 
  • With personal and group storage space you can control access rights easily
  • Access control should be in line with the level of confidentiality involved.
  • Please familiarise yourself with Tampere University’s Information security policy.
  • See also how misuse and damage related to personal data are reported.