Data Safe Haven new remote access feature

Hands on laptop with coffee

Working from home

The Research Data Service team is pleased to announce the availability of a new remote access feature of the University of Edinburgh Data Safe Haven (DSH). In response to the changing working practices due to the Covid-19 pandemic, the DSH technical team in ITI Research Services has completed a significant work package to develop secure remote access arrangements for the environment. A secure third party solution that allows remote access to the DSH server will allow users to remotely access data from end-point devices that sit outside of the University network. The solution provides enhanced security beyond that provided by the VPN connection used for normal remote working. At present our remote access facility is being used by our existing research projects. For new projects this facility will be discussed on a project by project basis. The solution was confirmed at our ISO 27001 certification surveillance visit in November.

Cuna Ekmekcioglu
Data Safe Haven Manager
Library & University Collections

Share

DataVault ‘at 100’ – stories from our users

The DataVault now contains over one hundred datasets, with a combined size of over one hundred terabytes. These are the stories of a handful of our happy customers, talking about the benefits of using the DataVault…

1.    Low-cost long term storage delivers flexibility

Emily Clark (PI) and Mazdak Salavati (Core Scientist)

Emily and Mazdak heard about the DataVault at an event at the Roslin Institute organised by Colin Simpson, local project officer, and expert user of the DataVault. They needed to archive a large amount of genomics data – more than three terabytes. They wanted to save money and liberate their active storage for other data by moving the files from DataStore to DataVault. As DataVault is much cheaper than DataStore (once you’ve used up your initial free DataStore quota). We also held an initial meeting with Colin to answer their questions about how they would be billed (via an eIT), who would be able to deposit and retrieve data and how. Emily wanted flexibility around the billing, and the control to restrict access. We discussed the usefulness of splitting the data into separate deposits, to enable subsets of the data to be exported back to DataStore. As you can see from the public metadata, link below, the information has been worded in such a way as to manage the expectations of the reader appropriately. Mazdak created the vault, gave Emily access, and then deposited the data as a series of separate deposits, over a few days. We then issued the eIT for payment.

Mazdak says:

“Engaging early and reading the documentation was key for the use of DataVault. Having a research data management (RDM) plan from the beginning of your project helps with almost every aspect of dissemination of it i.e. publication, grant reports, collaborators and stakeholders etc. Understanding the types of storage and their cost makes this planning much easier for both the PIs and the data processors involved. Moreover, curating the metadata associated with biological datasets is much easier once the RDM plan is based on a streamlined platform such as DataVault. The clever use of low-cost long term storage solutions can free up lots of flexibility both in consumables and computational resources if considered from the start of every project. The DataVault is maintained and supported by very dedicated folks at the University who would their best to help and accommodate research needs. Talk to them in the earliest point possible to discuss your RDM plan and take advantage of their support.”

You can see the public details of the data by clicking on the DOI:

2.    A safe place for personal data

Professor Sue Fletcher-Watson

Sue had a set of video footage gathered as part of her work with children with autism, specifically the Click-East clinical trial. The audio-visual files, a little over a terabyte, were stored on an external hard drive, so she wanted to have them safely backed up, but did not have sufficient spare storage in her DataStore area. Sue had learned about the Edinburgh DataVault when chatting with a member of our team at an IAD event, so she knew DataVault would be an appropriate home for this sensitive data to be stored for the ten year period to which the participants’ parents had consented; the DataVault encrypts the data and stores three copies, and is cheaper than buying additional DataStore storage. Information Services provided Sue with a temporary ‘staging area’ on DataStore free of charge to accommodate the transfer of the data from the external hard drive, first onto the DataStore staging area and then into the vault she created, after first creating a Pure record which we validated. The Research Data Support team now has a similar dedicated staging area on DataStore which we can make available to those users who need the space temporarily for a DataVault deposit or retrieval. Of course, datasets should be split into deposits of an appropriate size so that the retrieval need not occupy too much space on DataStore. Sue successfully deposited the data. And later was able to use the staging area again to retrieve the data.

“The support I got from the DataVault team was exemplary and really helped me with this first deposit. I now have complete confidence that these valuable data are safe and secure. I’ll certainly be using DataVault again”

3.    Facilitating restricted sharing and citation of clinical data

An anonymous Edinburgh researcher

One research team contacted us about getting a DOI (Digital Object Identifier) for their pseudonymised clinical data, so they could cite the data in their manuscript, and so they could share the data on a restricted basis with their reviewers. We advised that while the reviewers would not be able to access the DataVault directly, the researchers could use DataSync to share an encrypted copy of the data with them, while protecting the anonymity of the reviewers, by sending the link for DataSync to the journal, for forwarding on to the editors. We helped the researchers describe their data in Pure. The researchers archived the data into DataVault. We minted a DOI on the Pure record, which the researchers then added into their manuscript and is now included in the finished publication. Of course, clicking on the DOI link does not give users direct access to the data – it merely takes them to the metadata, the description, on Pure’s public portal, the Edinburgh Research Explorer, where they can find the information they need to make a request for the data. Thus the research team still has the control, so that they can decline a request, or they can require such external researchers to sign a Data Sharing Agreement, undertaking not to attempt to re-identify any participants nor to share the data further with others.

A note on Data Protection

It is important to keep in mind that Principal Investigators are responsible for understanding and complying with data protection law and their own funders’ and collaborative partners’ requirements. The DataVault should be used as part of good practice in research data management throughout the research data lifecycle. We strongly encourage researchers to make a Data Management Plan for every project; the Research Data Support team is happy to review your Data Management Plan, provide feedback, advise whether the DataVault would be a suitable solution, and help include the associated costs in your research bid.

Pauline Ward
Research Data Support Assistant
Library and University Collections

Share

‘Protecting sensitive data’: new MANTRA unit now available

The Research Data Support team are pleased to announce a new update to MANTRA, the free and open online research data management training course.

The new ‘Protecting sensitive data’ module has been created from scratch, replacing the previous ‘Data protection, rights and access’ unit to provide an up-to-date guide for researchers working with sensitive and personal data.

MANTRA is designed to give post-graduate students, early career researchers, and information professionals the knowledge and skills needed to work effectively with research data.

The ‘Protecting sensitive data’ unit considers the ethical and legal contexts for conducting research with sensitive data, including information and guidance on:

  • What makes data sensitive?
  • What UK and European data protection laws mean for research
  • Research ethics, informed consent and consent documentation
  • Approvals processes and accessing restricted data
  • Safeguarding sensitive data, including data retention limits, access controls and anonymisation
  • Data protection training

MANTRA is designed to be approachable and informative, and incorporates text and video content plus quizzes, interactive exercises and a ‘further reading’ section.

We hope you find the new content interesting and useful, and we welcome comments on the new unit, as well as feedback on the other seven MANTRA modules.

Finally, the RDS team are currently working on a series of further updates to MANTRA which will be rolled out over the coming weeks, and information about these releases will be posted on this blog and the RDS Twitter account.

Bob Sanders

MANTRA, Lead Editor

Share

Research Data Service achieves ISO 27001 accreditation for Data Safe Haven facility

Following a five day on-site audit by Lloyd’s Register, the Information Security Management System (ISMS) which forms the basis for the Data Safe Haven facility for University of Edinburgh researchers has been officially certified to the ISO/IEC 27001:2013 standard. In a few weeks we will receive a certificate from UKAS (United Kingdom Accreditation Service).

The Data Safe Haven (DSH) team, comprised of members of Research Data Support in L&UC and Research Services in ITI, and with input from the Information Security team and external consultants, has been working toward certification since 2016. The system, designed by ITI’s Stephen Giles, has been extensively and successfully ‘white box penetration tested’ by external experts, one of the many forms of proof provided to the auditor. (White box means the testers were given access to certain layers of the system, as opposed to a black box test where they are not.)

The steel cage surrounding Data Safe Haven equipment in one of the University data centres.

In addition to infrastructure, a proper ISMS is made up of people who perform roles and manage procedures, based on organisational policies. The Research Data Support team work with research project staff to ensure their practices comply with our standard operating procedures. The ISMS is made up of all the controls needed to ensure that it is sensibly protecting the confidentiality, availability, and integrity of assets from threats and vulnerabilities. Over 150 managed and versioned documents covering every aspect of the ISMS were written, discussed, practiced, reviewed and signed off before being examined and questioned by the auditor.

The auditor stated in the final report, “The objectives of the assessment were achieved and with consideration to any noted issues or raised findings, the sampled areas of the management system demonstrated a good level of conformance and effectiveness. The management system remains supportive of the organisation and its business and service management objectives.” On a slightly more upbeat note, Gavin Mclachlan, Vice-Principal and Chief Information Officer, and Librarian to the University said by email, “Congratulations to you and the whole team on the ISO 27001 certification. That is a great achievement.”

The Digital Research Services programme has invested in the Data Safe Haven to allow University researchers to conduct cutting edge research, access sensitive data from external providers and facilitate new research partnerships and innovation. Researchers are expected to include Data Safe Haven costs in funded grant proposals to achieve some cost recovery for the University. To find out if your project is a candidate for use of the Data Safe Haven contact data-support@ed.ac.uk or the IS Helpline.

Robin Rice
Data Librarian and Head, Research Data Support
L&UC

Share