Locking the virtual filing cabinet: A researcher's guide to Internet data security

► Researchers are often unaware of how data can be lost or stolen from Internet-connected servers. ► Many researchers do not have the time or ability to read complex technical manuals or documentation, and thus do not implement basic security practices (i.e. strong, non-shared passwords). ► Ignoranc...

Full description

Saved in:
Bibliographic Details
Published in:International journal of information management Vol. 32; no. 5; pp. 419 - 430
Main Authors: Westfall, Jonathan E., Kim, Cindy M., Ma, Annie Y.
Format: Journal Article
Language:English
Published: Kidlington Elsevier Ltd 01.10.2012
Elsevier
Elsevier Science Ltd
Subjects:
Accessibility
Accountability
Administrators
Best practices
Cabinet
Computer information security
Computer programs
Confidentiality
Data collection
Data integrity
Data security
Exact sciences and technology
Experiments
Filing
Information and communication sciences
Information science. Documentation
Internet
Languages
Legitimacy
Library and information science. General aspects
Measures
Polls & surveys
Popularity
Privacy
Programmers
Research methodology
Researchers
Review boards
Sciences and techniques of general use
Security
Security measures
Servers
Studies
Surveys
Use and user studies. Information needs
Data collection
Data security
Research methodology
Best practices
ISSN:0268-4012, 1873-4707
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:► Researchers are often unaware of how data can be lost or stolen from Internet-connected servers. ► Many researchers do not have the time or ability to read complex technical manuals or documentation, and thus do not implement basic security practices (i.e. strong, non-shared passwords). ► Ignorance of data security leading to a breech can have serious consequences including removal of grant funding and IRB inquiries. As the Internet has grown in popularity, the opportunity it provides for conducting research has also become too large for researchers to ignore. Thus many have flocked to put surveys, experiments, and other data collection measures online in an attempt to gather empirical evidence in a variety of fields. While some choose a commercial provider to host surveys or experiments, others require the additional flexibility that comes with creating and maintaining a custom server. Herein lies a crucial problem: Most researchers lack the skills necessary to design, implement, and manage a server end-to-end. To overcome this limitation, they often hire programmers and administrators, who while usually competent, are not ultimately accountable to granting agencies funding research or Institutional Review Boards overseeing the research. This puts the researcher in a position of accountability in data security, confidentiality, and privacy concerns. The goal of the present paper is to outline a typical server setup, and highlight issues pertaining to data security in language accessible to researcher. This paper also presents data collected and analyzed from an anonymous distributed survey asking researchers questions assessing their management of research data. Our findings from the responses confirmed the legitimacy of our concerns by demonstrating the evident need for stricter security measures in research settings. By reading this paper, we hope that researchers will be cognizant of the optimal security practices which can be equipped to avoid the extreme consequences of data security breaches and gain a deeper understanding of the software they use to collect research data.
Bibliography:SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 14
ObjectType-Article-1
ObjectType-Feature-2
content type line 23
ISSN:0268-4012
1873-4707
DOI:10.1016/j.ijinfomgt.2012.01.005