Wikier

Data storage guide

This guide will help you select the correct solution for storage and processing of information, including research data. The storage guide gives an overview of the storage solutions assessed by NTNU, provides information about designated usage, and tells you how to access the different solutions. In addition, the data collection guide and the storage guide provides information that can be used when creating data management plans.

Norsk versjon - Lagringsguide

Topic page about information security | Pages labeled with information security

Information security and classification

NTNU guidelines state that information must be classified in order to determine the value and identify the need for security and protection. The confidentiality classification describes what level of protection that is needed. These assessments must be made for all projects.

Read more about:

Classification of personal data

Research data is usually classified as internal (yellow) or confidential (red), and this also applies to research data containing personal data. Personal data is information and assessments that can be related to individual persons, either directly or indirectly. Examples include names, ID-numbers, e-mail, IP-addresses, photos, videos, interview recordings and transcribed interviews.

Some types of personal information are known as special categories of personal data (often called sensitive data). These types of data require additional protection and will usually fall in the confidential category. The same apples to data regarding criminal offenses or information about vulnerable groups or vulnerable situations.

Transfer of data

Remember that also the transfer of data to the chosen storage solution should be done according to the confidentiality classification. More information can be found in this Norwegian wiki, Sikker sending og mottak av filer og dokumenter. In general it is not recommended to store and transfer data using USB sticks or external hard drives, as these might be lost, can contain viruses and do not have backup. However, in certain this might be necessary, see the section on Physical storage media.

Storage services and collaboration platforms

Storage services and collaboration platforms refer to cloud services or servers at NTNU. Click on the different solutions for more information.

PublicInternalConfidentialHighly confidential
Personal cloud storage (dropbox, google drive ++) OKNONONO
NTNU Personal home directory («M:-drive»)OKOKOKOK (1)
NTNU Shared directory (T:-drive, group, project, etc.)OKOKNONO
NTNU-administered Dropbox (contact Orakel)OKOKNONO
NTNU-BoxOKOKNONO
Office 365 (SharePoint, Teams, Onedrive)OKOKOK(1)NO
NTNU NICE-1 - Storage solution with added securityOKOKOKOK (1)
HUNT CloudOKOKOKOK (2)
UiO TSDOKOKOKOK
NIRD (tidligere Norstore, driftes av Uninett Sigma2)OKOKNONO

(1) Data must be encrypted. Read more on how to encrypt O365 files using AIP here or how to encrypt other files with 7-Zip

(2) Risk level is assessed on individual basis, see the HUNT information page for more information.

Physical storage media

Physical storage media refers to local storage and processing of information, for instance temporary storage and processing on your computer (Mac, PC or hard drive).

PublicInternalConfidentialHighly confidential
Privately owned computerOKNONONO
NTNU-acquired computer (self-administered)OKOKNONO
NTNU-administered computer – encryptedOKOKOKNO
USB drive/external hard driveOKOKNONO
USB drive/external hard drive - encryptedOKOKOK(1)OK(2)

(1) The data must be stored in encrypted form on the storage media and the password kept in a separate location. Read more about how to encrypt files.

(2) The entire drive/disc must be encrypted with a strong password (read more on how to make passwords). The password must be kept in a separate location.

See also

Contact

Orakel Support Services can help you if you have questions or encounter difficulties.