LibGuides: Manage &amp; Share Research Data: Secure

What do I need to think about?

Why do I need to worry about security? Doesn't UITS take care of that?

Securing research data takes both technical and administrative controls. When you use IU systems, you can let the experts worry about the technical stuff. But security also includes how people interact with systems; the term "administrative controls" includes specific things you might need to use when working with certain platforms or tools at IU.

When you are involved in research, this means that you need to be aware of your ethical and legal obligations. Those may include administrative controls, that are meant to protect data that must be kept confidential or private. Many, but not all, laws and requirements are related to protecting data about people. Some of the reasons that data must be kept private or confidential include:

the data may be protected under local, state, or federal laws
the data could identify a human research participant
the data include sensitive information about people, such as personal or financial information, ethnic or racial origin, political opinions, religious beliefs, memberships, etc.

As a new researcher, you are not expected to be an expert. The lead investigator, lab manager, or other research supervisor are your main resources. You may also need to consult resources from the IRB for human subjects research, the Animal Care & Use office for animal research, the Institutional Biosafety Committee, or the appropriate office in research compliance. For guidance related to cybersecurity or compliance, take a look at the SecureMyResearch Cookbook or request a consult. These experts are here to support researchers, so don't be afraid to ask for help.

Most research data is considered institutional data. Check out the data classifications to understand those labels and the related requirements.

Tips for securing

Foundational Tips

Don't store research data on your phone or on an unencrypted flash/thumb drive.
If you have to store or work with research data on your laptop, encrypt it.
- You can encrypt your entire hard drive or specific files and folders. Check out the articles in the KB on encryption tools for Windows, Mac, and mobile devices.
Don't share your username and passphrase with anyone.
Don't reuse your IU passphrase for other sites.
Do use a system managed by IU like Microsoft OneDrive or Teams to store your data (and all your research files).
Do use a system that is approved for the highest level of security required for your data. See the Data Sharing & Handling Tool.

For more tips, check out the Protecting Data guide.

Tools for securing

What is Windows Bitlocker
Recommended tools for encrypting data
SecureMyResearch
SecureMyResearch offers the following services to help you conduct your research securely, regardless of whether you are working with regulated or unregulated data.
Secure Share at IU
At Indiana University, Secure Share provides a way to securely share data, including critical data, with others via a web interface. It is particularly useful for sharing files that are too large to send via email.