06 Storage and Backup¶
Data Storage¶
Research data can be stored on different media with different advantages and disadvantages.
Storage options at UFZ
Depending on the storage device, there are major differences in the protection against data loss and unauthorized access:
Personal Computer
self-responsible for security and backup; own control everything that happens with the computer happens with the backup possible lack of resources and know-how to configure and check the quality of backup copies individual solutions are complex, costly and inefficient in the overall picture of a working group
Mobile storage device
easy to transport can be stored in a lockable cabinet or safe particularly easy to lose and can be easily stolen, therefore particularly unsafe contents are unprotected in case of loss, if they were not encrypted before susceptible to shock and wear (external hard drive)
Institutional storage location
backup of data is ensured professional implementation and maintenance storage in accordance with the institution's data protection policy data protection regulated by access rights usable for remote office work speed may depend on network conditions access to backups may be delayed due to the chain of command possibly unclear which security criteria and strategies are used may involve higher costs
External storage location
easy to use and manage are professionally maintained usable for remote office work depending on the provider, connection may also be insecure depending on access to internet upload and download may take some time access to backups may be delayed data protection: unclear which security criteria and strategies are used and whether they are appropriate for sensitive data and meet the requirements of your institution many institutions have issued special regulations for the use of such services, e.g. Freie Universität Berlin
Free cloud storage services are not appropriate locations for data that needs to be protected. It is questionable how secure the data is in a cloud and who has control over what happens to the data. Although it is the task of cloud service providers to prevent misuse of data, it is unclear whether they are able to do so comprehensively. In addition, researchers can also contribute physically to securing their (sensitive) data by control access. For example, they can store their storage devices in a separate lockable room or cabinet. Notebooks can be secured against theft by a lock. It is important, however, that at least two people have access to the data in order to guarantee the accessibility of the data in case of illness or absence.
Backup Options¶
Backup means the creation of a copy of the data on another storage device. A backup should be carried out in a planned and structured manner in order to facilitate data reconstruction if necessary. Only when the hard drive or the external storage is no longer functioning or gets lost, does one notice how important a regular backup is. If this has been set up and carried out correctly beforehand, the lost data can be easily restored. To avoid file loss due to defective hardware or software, you should therefore think about backup strategies beforehand. Many operating systems are already equipped with their own backup programs and do not require any installation effort (e.g. Mac provides Time Machine). If you are not satisfied with these integrated solutions, you can choose from a whole range of programs (some of which require payment), e.g. Duplicati, Cobian Backup, Areca Backup or Aoemei Backupper Standard. These offer two different backup types: incremental or differential. With both types, a full backup is created first. After that, the
- incremental backup only saves files or parts of files that have changed or been added since the last incremental backup,
- differential backup saves all data that has changed or been newly added since the last full backup.
Strategies for a Secure Backup¶
Backup devices should be separate from the infrastructure usually used. It is recommended to save data at least once a day and to perform a weekly overall backup. These ‘3-2-1’ principles have proven useful for backups:
- at least three copies of your data,
- on at least two different storage devices and
- one of them should be stored remotely, at a different location.
Data recovery should be checked at the outset and at regular intervals. Most institutions offer an automatic solution where all data is stored exclusively on drives safeguarded by the IT department. This professionalization ensures the backups will not be forgotten and the configuration of the backup system does not have to be done individually.
Recommendations for a Jump Start¶
Jump start
Setting up a backup strategy is the very first thing you should do before producing any data, documents etc.