Research Data Management Guide: Store Your Data

Providing adequate storage and security for your data is an important part of the research process. Knowing the security needs of your data, whether it is confidential or sensitive, will help you determine the storage systems you can use.  

The necessity of keeping separately formatted or versioned copies of data may complicate this issue; in these cases, maintaining unique and consistent filenames is of increased importance.

Data that is not confidential or sensitive should, generally, be stored in triplicate: an original or master copy stored in a place that is accessible to anyone who may need to use the data, an externally stored copy in a local backup system, an an externally stored copy in a remote backup system.  For more information about local backup options, see Computing @ VT’s page on backing up your data and the UK Data Archive’s page on backing-up data.

There are a number of options for each of these copies including:

• Cloud storage systems (Dropbox, Box, Amazon’s S3, Google Drive)

  • excellent accessibility

  • pay-to-store model (usually with a few Gb for free)

  • remote locations and redundant storage models lessen the risk of loss due to hardware error or disaster.

  • loss of control regarding access, backup frequency and security

  • Google Drive - free storage provided through Virginia Tech's agreement with Google; see VT Google Apps Security and Privacy regarding the storage of sensitive data on Google Drive and other Google Apps

• Network-Attached Storage (NAS) maintained by Computing @ VT

  • snapshots for file recovery

  • daily backup for disaster recovery

  • available to faculty, staff and departments

  • scalable past 10G upon request

  • good for short-term storage

• Personal computing devices or external drives

  • good for immediate access

  • easy to lose or steal

  • potential for hardware malfunction

  • high amount of control regarding backup frequency and security

Data that contains confidential, sensitive or personal information needs to be treated differently. These types of data must be encrypted when sent over a network, and there may be some limitations on where these data may be stored. Assuring the protection of confidential data involves three things:

• System security

  • access permissions, password protection, firewalls, anti-virus software, etc.

• Network security

  • ensuring that confidential data is not stored on computers connected to a network

• Physical security

  • controlling access to the space where data is physically located

Note: It is important that confidential data never be stored on a file sharing service, such as Dropbox or Box, unless that data is encrypted. Virginia Tech has an agreement with Google; see VT Google Apps Security and Privacy regarding the storage of sensitive data on Google Drive and other Google Apps. 

• VT IT Security Office: Protecting Sensitive Data
• VT Standard for Storing and Transmitting Personally Identifying Information
• VT Policy for Protecting University Information in Digital Form

• Data Security (UK Data Archive)