Library Subject Guides
Choosing an appropriate way to store the research data you are working with is vital, so you don’t lose it or enable inappropriate access to it.
Choosing data storageWhen choosing an appropriate way to store the research data you are working with, you will need to take into account:
Ease of access for you and your collaborators, while ensuring no unauthorised access
The back-up systems associated with particular storage options
The security of your data. This is critical if you are working with sensitive data
The University's cloud storage option Google Drive is recommended for storing research data in most cases.
The University has a contract with Google which includes assurances around data protection. For more information see IT Services' Google Workspace web page outlining your responsibilities and policies, including information on data privacy and security, and the service level agreement.
If you are using research data supplied by a third party, ensure that you are aware of the requirements of the data provider, who may not agree to datasets being stored or shared via Google Drive. You should also follow any funder requirements for data storage and its location. Consider whether the dataset would be more appropriately stored on the University filestore.
The use of a personal (non-University) Google account is not recommended as this will not be covered by the University's contract arrangements.
University filestoreUniversity filestore provides a convenient and secure storage option. It also has the advantage of being regularly backed up by IT Services.
Your personal filestore is convenient for your own use. If you need more space to store your research data you should contact your Departmental Computing Officer or IT Services.
IT Services also provide additional storage in the form of the shared filestore (known as Storage). This is useful if you need to be able to share a working area with a number of colleagues/project team.
Using the University filestore may be necessary if you need to meet requirements for guaranteed UK storage or storage on site.
Data stored on a departmental fileserver is the responsibility of the department concerned. Always check with the manager of the fileserver for details of their policies and security setup.
The University Data Safe Haven is a controlled and secure environment for undertaking research using sensitive data that requires additional safeguards.
You should use the Data Safe Haven when you:
Prior to using the service you must complete the Data Safe Haven training.
If you wish to discuss the Data Safe Haven in more detail, contact itsupport@york.ac.uk.
Local hard drives are not recommended for data storage.
Storing files on your hard drive (C: drive) is not recommended. There is a risk of data loss and you can't guarantee that others will not be able to access your machine. See IT Services' web page for more information:
Laptops and tablets are not recommended for data storage.
Be aware of the risk of losing any portable device. Ensure that your data is regularly backed up (e.g. on the University filestore or Google Drive) as making backups of files ensures that original data files can be restored from backup copies, should originals get damaged or go missing.
Encryption must be set up on any device that contains personal or sensitive data. See IT Services' web pages for more advice:
Other portable storage devices are not recommended for data storage.
USB sticks and other external storage devices are very susceptible to loss or damage. They should be avoided where possible and must not be used for unencrypted personal or sensitive data. See IT Services' web pages for further advice:
Other online storage options are not recommended for data storage.
We advise that you do not upload personal or sensitive data to services that the University does not have a contract with.
For more information and alternatives see IT Services' usage advice for cloud services.
The DropOff Service may be suitable for the exchange of files but you must still encrypt personal or sensitive data.
The University filestore, Google Drive and the Data Safe Haven provide storage for active data i.e. the research data you are working with.
When you have finished working with your research data, you should appraise it and take appropriate action:
Information for staff leavers and student leavers provide information and instruction on what to do with your IT account before you leave the University.
To manage the risk of loss, you may to want to digitise your non-digital research data. Guidance on managing and digitising non-digital data is available on the OpenAIRE open research platform.
If the research data or physical object cannot be digitised you should consider other options to protect it, e.g. a fireproof safe in a secure location.
For information and advice on physical storage and off-site storage, contact the University Records Manager and Archivist.
You should be aware of all information security issues, for example, the use of email when handling sensitive data, account management, controlled access, phishing, anti-virus software and the need to keep your computer up to date.
The Information classification and handling scheme provides guidance on the classification of information (e.g. public, restricted, confidential) and the different levels of security required.
IT Services provide IT security guidance and can help you to implement the right security measures for your research data.