Data protection and security
Ideally, all data should be secure, i.e. processed in such a way as to ensure its integrity, authenticity and availability. To reduce the risks of destruction, damage, disclosure, falsification, loss, hacking, or data theft, various actions can be taken :
- Identification of the degree of sensitivity of the data (from "not at all" to "highly")
- Development of a data security policy
- Securing premises and equipment (computers, storage devices, servers, etc.) via single sign-on (SSO), keys, access codes and passwords
- Backups of all data, at regular intervals and on at least three different media
- Regular updating of environments, software and computer programs
- Checks on the authenticity and integrity of files
- Encryption and data encryption
- Checksums for the transmission of messages
- Anonymization or disidentification of confidential or sensitive data
- Data destruction
Data security is a different concept from data protection. Protection aims, through laws on the protection of personal data in particular, to protect the personality. It is not the data that is protected or targeted, but the potential harm to the person that could result from the exploitation of the data.
How to store your data at UNIL ?
To meet the needs of its researchers for high-performance scientific computing, high-performance scientific computing advice and research data storage, the UNIL Directorate has created a Research Computing and Support Division (DCSR) whose infrastructures are managed and maintained by the UNIL Computer Centre.
The DCSR provides researchers with an organized and sized infrastructure to meet the variety of storage needs (sensitive or non-sensitive data) encountered in a high-performance computing environment.
In addition to the security aspect, hosting data at UNIL offers the following advantages :
- 1 or 2 copy(s) of the data.
- Possibility to recover the previous state of a file/folder for up to 3 months.
- Management of the volume of spaces by simple quota.
- Access in SMB/CIFS or NFS (v3).
Storage allows the use and backup of research data during the implementation phase of the Project. It is in principle limited to a maximum duration of 5 years from the end date of the Project. The UNIL secure storage service is invoiced, at cost price, by the Ci and is accompanied by management rules (creation of a Data Management Plan).
A storage quota of 1TB is allocated free of charge by Ci. After this volume, storage costs will be charged.
The Rectorate's directive 4.5 defines the rules for using the secure storage spaces provided by UNIL.
Any researcher who wishes to benefit from storage space for his or her data must send his or her request to the DCSR : Request for Storage of Research Data.
The storage of research data on the cloud and in an unsecured way (no backup, no access control, no security on sensitive data, etc.) raises important legal and ethical questions. It is in principle prohibited by our Institution. For more information, contact UNIL's Division of Calculation and Research Support (DCSR).
For more information on storage and server services, see the dedicated pages of the IT Center.