{"id":1036,"date":"2023-04-24T09:35:14","date_gmt":"2023-04-24T13:35:14","guid":{"rendered":"https:\/\/umaine.edu\/arcsim\/?p=1036"},"modified":"2023-05-18T10:32:28","modified_gmt":"2023-05-18T14:32:28","slug":"is-your-research-data-secure","status":"publish","type":"post","link":"https:\/\/umaine.edu\/arcsim\/2023\/04\/24\/is-your-research-data-secure\/","title":{"rendered":"Is Your Research Data Secure?"},"content":{"rendered":"<p><em>By Iris May-Fleming, Media Intern<\/em><\/p>\n<p><span style=\"font-weight: 400\">Researchers put a substantial amount of time, money, and effort into the data that they produce, so keeping that data safe and secure is important for maintaining research integrity, and making sure that valuable resources are not lost. ARCSIM\u2019s data security analyst Melissa Kimble urges researchers to take simple and easy steps to increase data security while working with sensitive data.<\/span><\/p>\n<p><span style=\"font-weight: 400\">The first recommendation is to use a UMS IT managed device if you\u2019re able. All UMS Managed devices include tested and enforced patching, tested and standardized hardware, and incident response. Incident response means that any potential viruses will trigger a feedback loop involving the Information Security Office, ultimately serving to help prevent future incidents. \u201cWhen you have a managed device you not only have anti-virus protection, but a team of technical security experts.\u201d Kimble explained.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400\">Keeping your computer updated is an essential way to protect your system from vulnerabilities that could allow malware to infect your device. \u201cThe number one fixable source of vulnerabilities in your system is updates.\u201d Kimble said, explaining how updates patch potential software issues that would allow malware to get into a computer system.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400\">While Microsoft Defender is sufficient on UMS IT Managed devices, Kimble encourages researchers to install antivirus software on their personal computers as well, such as ESET Internet Security. Some antivirus softwares simply detect malware, some can also contain and eradicate malware and potentially recover lost data.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400\">Another important cybersecurity measure is awareness and training. \u201cIf you don\u2019t know something is there, then you don\u2019t know how to avoid it.\u201d Kimble explained. A large part of the new National Security Presidential Memorandum (NSPM) 33 provides stricter training requirements for research universities. This heightens data protection for federally-funded projects by mandating data security training, and while the UMS Academy currently has some training on basic cybersecurity, these will expand over time to meet federal requirements.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400\">Creating a data backup plan is another essential step to protect against a single point of failure. Even if data is backed up on the cloud, having an additional disconnected backup can help mitigate risk. For example, ransomware has become so sophisticated that it can affect cloud data if the backup is continuously syncing when ransomware strikes.<\/span><\/p>\n<p><span style=\"font-weight: 400\">While multi-factor authentication (MFA) may seem tedious, it is a simple way to verify your identity. Enabling MFA makes it more difficult for malicious actors to gain access to your accounts, even if your login credentials have been stolen. Along with MFA, having strong passwords may seem obvious, but it\u2019s still important, and being careful to use unique credentials for each website mitigates the impact of a data breach.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400\">Device encryption, otherwise known as \u201cencryption at rest\u201d, is another important cybersecurity measure to consider. \u201cDevice encryption mitigates data compromise in the event of a lost or stolen device,\u201d Kimble explained. She encourages researchers to use Bitlocker or FileVault 2 as easy ways to make sure that data on portable devices are protected if they are ever lost or stolen.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400\">Working in a coffee shop may be convenient, but accessing data in public places has security risks. When you\u2019re working on a computer in public, people are able to physically see the screen, and potentially observe private information, so it is important to have situational awareness, and only access private data in a physically secure workplace.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400\">Flash drives can spread infections, even unintentionally. When someone uses a flash drive on a computer with malware, the flash drive can then spread malware to other computers when it is inserted, so avoiding unknown flash drives is a simple way to avoid malware.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400\">Another key tip is to avoid public Wi-Fi networks whenever possible. If a malicious actor has positioned themselves to intercept your traffic, they can monitor unencrypted transmitted data. If public Wi-Fi must be used, a VPN, which provides encryption in transit, and only accessing HTTPS websites are ways to mitigate risks associated with public Wi-Fi.<\/span><\/p>\n<p><span style=\"font-weight: 400\">Kimble encourages researchers to contact her at melissa.kimble@maine.edu with questions about data security, attend ARCSIM seminars for general information, or contact ARCSIM at <\/span><a href=\"mailto:um.arcsim@maine.edu\"><span style=\"font-weight: 400\">um.arcsim@maine.edu<\/span><\/a><span style=\"font-weight: 400\">.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>By Iris May-Fleming, Media Intern Researchers put a substantial amount of time, money, and effort into the data that they produce, so keeping that data safe and secure is important for maintaining research integrity, and making sure that valuable resources are not lost. ARCSIM\u2019s data security analyst Melissa Kimble urges researchers to take simple and [&hellip;]<\/p>\n","protected":false},"author":1966,"featured_media":1037,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"13","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":"","spc_primary_category":0},"categories":[3,13],"tags":[],"class_list":["post-1036","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security-posts"],"taxonomy_info":{"category":[{"value":3,"label":"News"},{"value":13,"label":"Security Posts"}]},"featured_image_src_large":["https:\/\/umaine.edu\/arcsim\/wp-content\/uploads\/sites\/526\/2023\/04\/Is-Your-Research-Data-Secure.png",1268,713,false],"author_info":{"display_name":"dtimmermann","author_link":"https:\/\/umaine.edu\/arcsim\/author\/dtimmermann\/"},"comment_info":0,"category_info":[{"term_id":3,"name":"News","slug":"news","term_group":0,"term_taxonomy_id":3,"taxonomy":"category","description":"","parent":1,"count":39,"filter":"raw","cat_ID":3,"category_count":39,"category_description":"","cat_name":"News","category_nicename":"news","category_parent":1},{"term_id":13,"name":"Security Posts","slug":"security-posts","term_group":0,"term_taxonomy_id":13,"taxonomy":"category","description":"ARCSIM Security Posts. Frequently Asked Questions, descriptions, definitions, and resources all dedicated to research security.","parent":0,"count":5,"filter":"raw","cat_ID":13,"category_count":5,"category_description":"ARCSIM Security Posts. Frequently Asked Questions, descriptions, definitions, and resources all dedicated to research security.","cat_name":"Security Posts","category_nicename":"security-posts","category_parent":0}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/posts\/1036","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/users\/1966"}],"replies":[{"embeddable":true,"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/comments?post=1036"}],"version-history":[{"count":4,"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/posts\/1036\/revisions"}],"predecessor-version":[{"id":1183,"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/posts\/1036\/revisions\/1183"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/media\/1037"}],"wp:attachment":[{"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/media?parent=1036"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/categories?post=1036"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/umaine.edu\/arcsim\/wp-json\/wp\/v2\/tags?post=1036"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}