security - neuralinterfacinglab/LabManual GitHub Wiki

Data Management and Security

Where to find and save data

All our data is stored anonymized at the MHeNs server. To get access, write ICT services (see our ICT at our information page). For the sEEG experiments, all data can be found at ./projects/seeg/. For each participant we have a folder, named khXXX, where XXX is the zeropadded counter. Each folder contains all the relevant information we have, such as an about.txt with comments and observations during recordings, .xdf files, containing all the synchronizes recordings. See sEEG experiments for more info on recordings. The img_pipe folder contains the aligned MR and CT images for visualizing as well as some screenshots of the locations and a electrodes.mat file with the anatomical labeling.

Data ownership

Recorded data should only stay with the people that are allowed to access the data. We generally work under the less strict legislation of non-WMO data, but is essential to adhere to the following guidelines:

  • Keep data where only where is should be, Especially personal identifiable data! So instead of copying the data to your local machine, access it directly from the server by using the VPN. If you really need to have data on your laptop, be extra careful with it. If it is personal data, encrypt it (windows user can use the right-click menu to encrypt files.
  • Be careful with data carriers. Encrypt it. If you lose it, anyone that finds it can access your data
  • Send data safely - Need to send some data to someone else? The best and safest way is to use SurfFileSender, which you can access with your university account. Be especially careful with e-mail, this is generally a very insecure way to send data around (though, it sadly still very often happens)
  • Publishing publicly available data, use DataverseNL, login with your MU-log in. Another option is OSF.

Note that you should be even more careful when using data in a WMO project. Be sure you update yourself on the regulations (see eBrok )

How to keep your data safe

The worst thing that can happen is losing data because of a broken laptop or malware attack. To prevent this, here are 3 simple rules that are very important to keep your work and personal data safe.

  • Update all day, every day - The easiest way to remain safe, is to update to the newest version of any software as soon as possible. Updates very often patch security holes in the software that hackers might use to get access to your system.

  • Back-up your data! - Hardrives can fail unexpectedly, and ransomware attack will always surprise you. In the case of such event, you will save yourself a heartattack when you remember you have a backup of your data. The most secure back-up strategy is: two back-ups onsite, one backup offsite. This means that you have two (external) harddrives at home that have copies of your data. In addition, you also need a remote place, such as Google Drive, Dropbox or Surfdrive. By organizing it this way, you will even keep your data when you house burns down or floods. To be absolutely sure, make sure that at least on data location is not directly connected to your laptop. If you were to catch some ransomware, it can not spread to the disconnected datalocation. In any case, this will require an investment, but very well worth it. A good start is to have at least a backup, be it an external hardrive or cloud service. A back-up program recommended by the IT services is Iperius backup

  • Use a password manager - You can't remember all passwords, so you likely use the same password for different places. This is very dangerous; if there is a data breach at some service you use, ALL your accounts are at risk! (You can check here if your data is breach somewhere: Have I been Pwned?. To solve this, it is highly recommended to use a password manager. This will remember and autofill your passwords. In the case that your data is breached, you only have to change a single password. Additionally, the autofill option only works on the specified websites, so if someone tries to steal your data with a fake website, you get an extra warning because the autofill doesn't work! Lastly, you can store very long and hard to guess passwords, because you don't need to remember them anyway. Available options are Dashlane, Bitwarden, 1Password, Lastpass or Keepass)

Lastly, two more tips:

  1. Do not click links in e-mails, unless you absolutely have to.
  2. Read this page (In dutch) for a very accessible guide on data security, written by 6 hackers: Laat Je Niet Hack Maken