Skip to Content

Research

Research

R&D Guide / Planning

Storage sites at HiOA

Overview of recommended storage sites based on security level and recommendations on various security measures. Customised solutions are available if the amount of data is very large or when additional security requirements are to be met.
  • informasjon

    Contact  fou-teknisk@hioa.no to discuss data management and safety at an early stage of both potential and initiated research projects.

Contents

1. Non recommended storage sites – foreign cloud services 

Unencrypted sensitive information must not be sent by email or stored in cloud services, read more about Use of email and internet in research projects. Dropbox, Google Drive, and other external foreign services are not secure storage sites for valuable and sensitive data.

Sensitive information must not be stored on private computers or other private equipment. 

See the data security guidelines: Processing sensitive information.

Read more about Using e-mail and cloud services in research projects

2. Recommended storage sites, security measures and security level

The table shows recommended available storage devices / sites at HiOA. Some storage sites require additional security measures for the storage to be safe enough based on its security level.

A security level has also been designated based on an assessment of the degree of sensitivity and personal identification, check the website Classification of data to see what the security level in the table means.

Storage, security and security level - case
Storage units/sites Security measure Security level - case
Memory card/memory stick in film/foto- or sound recording equipment   Read more about om sound and video -

Mobile storage devices (memory sticks and externally  connected disks).

Internet access is OK during processing. The unit should be encrypted when it is not in use.

Encrypted unit (See Norwegian version)

Strong password

1 - 2

Mobile storage devices (memory sticks og eksternt tilkoblede disker).

There should be no internet access during processing. The unit should be encrypted when it is not in use.

Encrypt fil (See Norwegian version) 

Strong password

Encrypted unit (See Norwegian version)

3 - 7
Home directory (H:\)    No 1 - 2

Home directory (H:\)

Transfer from (H:\) to local (C:\). The processing should take place on local (C:\) with no internet access. The file should be closed and encrypted before it is transferred back to (H:\).

Encrypt file (See Norwegian version)  3 - 7

Home directory (H:\)

Encrypt connection at, for example. transfer to TSD and work on a local machine against OsloMet's resources.

Encrypted connection

 

5 - 9
TSD 2.0 No 5 - 9
Stationary computers with encrypted disks, with no internet access and with the possibility of local storage.  

Strong password

Good behavior

8 - 9
Laptop with encrypted disks, with no internet access and with the possibility of local storage.  

Strong password

Good behavior 

8 - 9

 

Not all storage units/sites are suitable for all the security levels 1-9, but it is possible to increase the security by adjusting the levels of encryption, choosing a good passwords and behaving responsibly. Note that all stages must be secure; both the collection, analysis and storage of personal data.

It is recommended to label the storage medium as 'containing research data' or similar. The label must be in a clearly visible place. However, note that this may trigger the curiosity of people who come into possession of a misplaced storage medium.

3. Sensitive data service (TSD 2.0)

HiOA has entered into an agreement with UiO for the delivery of the Sensitive Data Service, TSD 2.0, including user support for HiOA employees. TSD is developed and operated by USIT at UiO, and is part of NorStore, the national infrastructure for managing and storing scientific data.

See terms and how to apply for access to TSD 2.0  as a HiOA employee.

4. Safe zone for NOVA (Technical solution similar to TSD)

Safe zone is used by NOVA, which has outsourced its IT operations to aspit.no. The solution is currently operating, but it is about to be phased out. Personally identifiable data is stored in the so-called Safe zone, where the terminal, application and file servers are in a closed network.

All processing of data is done on “serverparken” and not on local computers. The user only works on the terminal server screen and he/she is therefore not able to upload/download files or copy content to Safe Zone. Communication to Safe Zone happens over the internet through an encrypted VPN tunnel.

5. Collaboration tool 360

Through Public 360 the project manager can control the user access of the different project group members. The connection is encrypted and authentication takes place by means of FEIDE logon.

More information about digital collaboration tools at HiOA

If you would like to know more about the functionality of the tools and whether they would be appropriate for your work, please contact the Section for Records and Information Management, internal phone number. 5959 or by e-mail: dokhjelp@hioa.no.

If you use Public 360 to manage research data, you must take into account the additional security measures and the security level. All participants must exercise good behaviour for research data management, and depending on the degree to which the data is sensitive and personally identifiable, it may be necessary to encrypt the files.

If you need to send files, see Sending files and security level.

6. Laptop without internet access for sensitive data

The laptop must be configured in such a way that it cannot connect to wireless internet (the network interface card is disabled). The user is responsible for not connecting it using a cable or placing it in a docking station that is connected by cable.

Laptops are ordered like usual. The computer is then taken to BIT / IT Support where the network interface card is disabled.

7. Encrypted connection - WinSCP

If the connection to the storage unit is not encrypted (e.g. on the home directory, file server H:\ ), HiOA offers WinSCP as an alternative method of accessing the storage unit.

To use WinSCP, you need to know which server you have in your home directory. You can find this by signing in to Bitadmin (bitadmin.hioa.no).

File transfer for Windows – Instructions for installing WinSCP

  • Open the file in WinSCP.
  • Copy the file to an encrypted local disk.
  • Disconnect from all networks before you open the file.
  • When you have finished working on the file, close and encrypt it.
  • Reconnect to the internet.
  • Copy the file back to the server via WinSCP.

See also:  File transfer for Linux.

8. Strong passwords

The encryption security level depends on the passwords. A strong password should consist of at least 12 letters combined with signs or numbers and should be difficult to guess. Try to come up with a system/rule that makes it easy for you to remember your passwords.

You can take the password test her.e

See password guidelines at HiOA.

9. Special software

Contact BIT@hioa.no if you need to download special software.

Phone support: 6723 55 55 Monday to Thursday 08-15.45. Friday 08-15

10. Standard software available for HiOA employees

Users of Windows 10 can choose “Software Centre” from the Windows start menu to download available standard software.

How to work from outside:

  1. Connect to the external desktop.  
  2. "Jobbe smart utenfra" (VPN, connect to HiOA's servers).

11. Data versions, management and control

Version control is the means by which different versions and drafts of a document (or file or record or dataset) are managed.

Version management chart and good practices for organising research data from the University of Leicester.

Version control involves a process of naming and distinguishing between a series of draft documents which lead to a final (or approved) version, which in turn may be subject to further amendments.

Good version management can save you a lot of time and frustration and make it easier to ensure that the correct version of the data is being sent at the different stages of the project.

12. Data storage and archiving upon completion of project

In this context data storage means archiving and long-term storing data.

There are numerous technical solutions, and each project will often draw up a storage contract with a partner, such as NSD.

To facilitate the reuse of the data, it is important that the owners provide accurate and transparent information.

See documentation upon completion of research projects at HiOA.

Prepare the data for archiving - checklist from nsd.no

DOI service

If the project contains quotations and identifiers through, for example, Bibsys DOI service, the rule is that the one who assigns the Digital Object Identifier (DOI) commits to a long-term storage of the object for a minimum of ten years.

See how to work with Digital Object Identifier (DOI) at Bibsys.no

13. Storage of metadata

Is your data self-explanatory based on the variable names, codes and abbreviations that have been taken into use? You should provide metadata at both the project level, dataset level and variable level.

See NSD's documentation guide for archiving research data (.pdf) (in Norwegian only).

Contact