- Non recommended storage sites
- Recommended storage sites, safety measures and security levels
- Sensitive Data Service (TSD 2.0)
- Safe zone for NOVA (Technical solutions similar to TSD)
- Collaboration tool Public 360
- Laptop without internet access for sensitive data
- Encrypted connection - WinSCP
- Strong passwords
- Special software
- Standard software available to HiOA employees
- Data versions, management and control
- Data storage/ archiving research data upon completion of project
- Storing metadata
Unencrypted sensitive information must not be sent by email or stored in cloud services, read more about Use of email and internet in research projects. Dropbox, Google Drive, and other external foreign services are not secure storage sites for valuable and sensitive data.
Sensitive information must not be stored on private computers or other private equipment.
See the data security guidelines: Processing sensitive information.
Read more about Using e-mail and cloud services in research projects
The table shows recommended available storage devices / sites at HiOA. Some storage sites require additional security measures for the storage to be safe enough based on its security level.
A security level has also been designated based on an assessment of the degree of sensitivity and personal identification, check the website Classification of data to see what the security level in the table means.
|Storage units/sites||Security measure||Security level - case|
|Memory card/memory stick in film/foto- or sound recording equipment||Read more about om sound and video||-|
Mobile storage devices (memory sticks and externally connected disks).
Internet access is OK during processing. The unit should be encrypted when it is not in use.
|1 - 2|
Mobile storage devices (memory sticks og eksternt tilkoblede disker).
There should be no internet access during processing. The unit should be encrypted when it is not in use.
|3 - 7|
|Home directory (H:\)||No||1 - 2|
Home directory (H:\)
Transfer from (H:\) to local (C:\). The processing should take place on local (C:\) with no internet access. The file should be closed and encrypted before it is transferred back to (H:\).
|Encrypt file (See Norwegian version)||3 - 7|
Home directory (H:\)
Encrypt connection at, for example. transfer to TSD and work on a local machine against OsloMet's resources.
|5 - 9|
|TSD 2.0||No||5 - 9|
|Stationary computers with encrypted disks, with no internet access and with the possibility of local storage.||8 - 9|
|Laptop with encrypted disks, with no internet access and with the possibility of local storage.||8 - 9|
Not all storage units/sites are suitable for all the security levels 1-9, but it is possible to increase the security by adjusting the levels of encryption, choosing a good passwords and behaving responsibly. Note that all stages must be secure; both the collection, analysis and storage of personal data.
It is recommended to label the storage medium as 'containing research data' or similar. The label must be in a clearly visible place. However, note that this may trigger the curiosity of people who come into possession of a misplaced storage medium.
HiOA has entered into an agreement with UiO for the delivery of the Sensitive Data Service, TSD 2.0, including user support for HiOA employees. TSD is developed and operated by USIT at UiO, and is part of NorStore, the national infrastructure for managing and storing scientific data.
Safe zone is used by NOVA, which has outsourced its IT operations to aspit.no. The solution is currently operating, but it is about to be phased out. Personally identifiable data is stored in the so-called Safe zone, where the terminal, application and file servers are in a closed network.
All processing of data is done on “serverparken” and not on local computers. The user only works on the terminal server screen and he/she is therefore not able to upload/download files or copy content to Safe Zone. Communication to Safe Zone happens over the internet through an encrypted VPN tunnel.
Through Public 360 the project manager can control the user access of the different project group members. The connection is encrypted and authentication takes place by means of FEIDE logon.
More information about digital collaboration tools at HiOA
If you would like to know more about the functionality of the tools and whether they would be appropriate for your work, please contact the Section for Records and Information Management, internal phone number. 5959 or by e-mail: firstname.lastname@example.org.
If you use Public 360 to manage research data, you must take into account the additional security measures and the security level. All participants must exercise good behaviour for research data management, and depending on the degree to which the data is sensitive and personally identifiable, it may be necessary to encrypt the files.
If you need to send files, see Sending files and security level.
The laptop must be configured in such a way that it cannot connect to wireless internet (the network interface card is disabled). The user is responsible for not connecting it using a cable or placing it in a docking station that is connected by cable.
Laptops are ordered like usual. The computer is then taken to BIT / IT Support where the network interface card is disabled.
If the connection to the storage unit is not encrypted (e.g. on the home directory, file server H:\ ), HiOA offers WinSCP as an alternative method of accessing the storage unit.
To use WinSCP, you need to know which server you have in your home directory. You can find this by signing in to Bitadmin (bitadmin.hioa.no).
File transfer for Windows – Instructions for installing WinSCP
- Open the file in WinSCP.
- Copy the file to an encrypted local disk.
- Disconnect from all networks before you open the file.
- When you have finished working on the file, close and encrypt it.
- Reconnect to the internet.
- Copy the file back to the server via WinSCP.
See also: File transfer for Linux.
The encryption security level depends on the passwords. A strong password should consist of at least 12 letters combined with signs or numbers and should be difficult to guess. Try to come up with a system/rule that makes it easy for you to remember your passwords.
You can take the password test her.e
Contact BIT@oslomet.no if you need to download special software.
Phone support: 6723 55 55 Monday to Thursday 08-15.45. Friday 08-15
Users of Windows 10 can choose “Software Centre” from the Windows start menu to download available standard software.
How to work from outside:
Version control is the means by which different versions and drafts of a document (or file or record or dataset) are managed.
Version control involves a process of naming and distinguishing between a series of draft documents which lead to a final (or approved) version, which in turn may be subject to further amendments.
Good version management can save you a lot of time and frustration and make it easier to ensure that the correct version of the data is being sent at the different stages of the project.
In this context data storage means archiving and long-term storing data.
There are numerous technical solutions, and each project will often draw up a storage contract with a partner, such as NSD.
To facilitate the reuse of the data, it is important that the owners provide accurate and transparent information.
If the project contains quotations and identifiers through, for example, Bibsys DOI service, the rule is that the one who assigns the Digital Object Identifier (DOI) commits to a long-term storage of the object for a minimum of ten years.
See how to work with Digital Object Identifier (DOI) at Bibsys.no
Is your data self-explanatory based on the variable names, codes and abbreviations that have been taken into use? You should provide metadata at both the project level, dataset level and variable level.
See NSD's documentation guide for archiving research data (.pdf) (in Norwegian only).