Texas Tech University
TTU HomeIT Services for Faculty What are Some Best Practices for Researchers to Protect Research Data?

What are Some Best Practices for Researchers to Protect Research Data?

  1. Remain Current with Safe Computing Practices
    • Review information at the TTU Safe Computing website
    • Be alert to announcements that pertain to safe computing practices.
    • Review security logs daily (System Administrators).
    • Stay current by reading technological articles.
  2. Install Anti-virus Software
    • Symantec Endpoint Protection is available for download, free of charge, through the eRaider website. In addition to Symantec, other anti-virus applications may be considered.
  3. Install a Firewall
  4. Update and Patch Operating System
    • Windows OS
    • Unix / Linux OS
      • Most UNIX or Linux operating system vendors release security patches regularly. You should check the vendor websites for new patches at least weekly, and immediately after any announcement of a new vulnerability.
      • Most vendors also allow users to subscribe to security mailing lists for their operating systems.
  5. Data Classification
    • Research data is classified to identify access control, data encryption and backup requirements. The following matrix may be used as a guide to classify your information and data:
      DATA CLASSIFICATION MATRIX Confidential Sensitive Public
      Mission Critical      
      Non-Mission Critical      
  6. System Authentication and Security
    • Ensure that access to all confidential and sensitive data is managed appropriately.
      • Use strong passwords. (Password integrity relies heavily upon the password length, complexity, reuse, and aging.)
      • Change the default administrator accounts and passwords.
    • Social Security numbers must not be used as a primary or secondary identifiers. Use university provided eRaider authentication for access computer systems and applications.
    • For database and web applications, use eRaider authentication. Programming assistance for the front-end authentication is provided by Technology Support.
    • You may choose to enhance the security of data on the hard drive by the following two methods:
      • Restrict user access to the directory file structure.
      • Restrict user permissions to the directory file structure.
    • Lock workstations or use password protected screen savers when users are away.
    • For secure remote access to university computer systems from off-campus, use Virtual Private Networking (VPN). Information is available at IT Help Central.
    • Other practices and tools may be used to increase the security of the system. For example, you may take periodic system snapshots by using a security scanner available from Microsoft.
  7. Data Backup Options
    • The University offers a central data backup service for computers within the TTU domain with mission critical data.
    • You may also choose to perform your own data backup.
  8. Data Encryption
    • Data encryption may be used to further protect confidential and sensitive research data.
    • If data is encrypted, ensure that the encryption will stay with the data as it travels through the network, web servers, application servers, and database server.
    • To encrypt confidential and sensitive email communications, view information available from VeriSign.
  9. Protection of Research Labs
    • Secure physical access to research labs
      • Contact the University Police Department for consultation on ways to protect access to research labs.
      • A criminal background check on employees is strongly recommended.
    • Consult with TTU Environmental Health and Safety to guard against environmental hazards

For more information or to pursue options outlined above, please contact the HPCC at 806-742-4350.

 

Related Information: