What do you need to consider when deciding where to store your data?
- How much storage do you need?
- How will you access it?
- How will you share with collaborators?
- Is it reliable - will it be backed up?
- Is it secure?
- Can you control which individuals have access?
Where can I store my data?
All research data must be stored using secure University of Dundee IT (UoD IT) facilities. Where practical and appropriate project data can be stored on Box where there is a monthly storage limit of ITB. Access to the University network is also provided free of charge but storage is not limitless. Costs for storage of large volumes of data (multiple Terabytes) on University servers are available on request from UoD IT.
Contact UoD IT using Help4U
Collection of data
- Portable devices must have full disk encryption.
- Unencrypted removable media (e.g. USB sticks) must not be used.
- Box may be used for confidential and highly confidential material.
For highly confidential material (such as personally identifiable health data) - a double encryption methodology within Box is recommended. A second level of encryption then ensures that only those with the password can access the secure zipped package.
The University IT service provides advice on security
Box should also be used to store and exchange highly confidential information such as:
- Personally identifiable health information
- Personally identifiable charge or conviction data
- National Security information or
- Equivalent highly confidential material
providing that this information is secured using a second level of encryption and password protection.
Further guidance on the security of University data, including research data, is available through the IT Service Desk at Help4U
They will forward your query to the Information Governance Office or the LLC Research & Resources Division.
Transporting and transferring files using Box
Box may be used for sharing confidential information, provided that the following two conditions are met:
- Files should be labelled "Confidential"
- Folders in Box are configured appropriately. That means:
- It is appropriate for anyone with access to a folder to see the information it contains
- That the level of that access is set correctly (i.e. use Viewer role to enable access to view information rather than Editor or Owner).
- That the people with access to the folder have been cross checked (i.e. that you have given access to the correct 'Joan Smith' by examining the unique email address). For guidance on the use of Box with specific data types please contact Alan Bell, Head of Information Governance
- For advice on using Box, please see IT web pages or contact UoD IT.
Accessing material from Box
- Whenever possible, information must be viewed in originating systems and not downloaded. Where information is downloaded it should be accessed, stored and/or transmitted in a secure manner.
- Data should not be accessed in public places where information can be viewed by others.
- Data must not be accessed from or sent to non-University systems or services (personal email accounts, cloud storage products etc.).
- Duplicate copies of confidential information must be avoided as far as possible.
Is my data safe in the cloud?
The Box file storage system provided by the University of Dundee is ISO 27001 is compliant - should it be required (in a grant application) you may request the registration certificate number from email@example.com
Processes are currently being developed for approval of security-sensitive research. If your research falls within this category please contact the Convener of UREC for advice.
Guidance on processes and facilities for storage of security-sensitive data can be obtained from the LLC by emailing firstname.lastname@example.org
Ready to share your data?
The University uses Discovery (Pure) as a data catalogue/repository and so you can deposit your data with us if need to when you are ready to publish or archive your data. For more information click on the following link,