What’s the deal with data?
We all use data – information – in our daily lives, whether it’s for home or work, or relates to ourselves, our family, our colleagues or our students. The whole field of Information Security exists to protect data, usually by considering how to tackle threats to the confidentiality, integrity and availability of the data. Think about the consequences if personal documents or photos were to be made public, or if weeks or months of project work or research was altered or destroyed.
How can data loss occur?
Accidents happen in life and accidents leading to the loss of data are no exception. You might accidentally delete or overwrite a file. If it’s stored in a shared location, someone else with access to the location might delete or overwrite it instead. If you’re working from a USB stick on a public, shared-use PC, you may end up leaving your USB stick behind if you forget to bring it with you when you leave. Perhaps you might even leave your tablet or laptop behind when working remotely, or while travelling. Hopefully you use encryption to protect information stored on portable devices, but losing or forgetting the encryption key is almost guaranteed to result in data loss if there are no other copies of the information. Unfortunate interactions between computing devices and gravity, liquids or electrical surges can also result in data loss.
What about malicious activity?
Just as a device containing data might be lost or damaged, it could also be stolen. If someone with malicious intent gains access to the locations where your data is stored, they could deliberately change or delete data, make off with a copy of it or even encrypt it and demand a ransom for its return.
So how can I store data securely?
- Stick to approved, University-provided storage locations, such as your H: drive, S: drive and similar. These are all backed up regularly by Information Services. You can also use the University’s OneDrive and SharePoint services, which retain previous versions of documents and allow you to recover them from a Recycle Bin if accidentally deleted.
- Don’t store data on the internal C: drive of University PCs or on the Macintosh HD drive of University Macs – these locations are not backed up and are not secure in the event that the device is stolen. When storing data on the internal drive of your own personal computer, consider using a external drive or cloud backup solution.
- For University work, staff should not use external USB flash drives or hard drives. Use a network drive, OneDrive or SharePoint instead.
- If you can’t do the above or aren’t sure how to, ask Information Services for advice.
- If you absolutely have to do something else, make sure that you have good backups.
- Data storage devices which are taken out of University buildings should be encrypted to prevent access to sensitive information if they are lost or stolen.