Data security refers to measures that secure information
Data security must be taken into account when storing, processing and transferring data. This includes, for example, the selection of a storage location, backup, secure data collection and processing tools, and management of access and user rights.
During the thesis project, various research data are collected or produced, including interviews, texts, measurement results, images, and recordings. Digital data need to be stored somewhere during the work process.
The choice of storage location depends on:
Metropolia's Z drive
Cloud services such as Google Drive, OneDrive, Teams
We do not recommend storing thesis materials in the computer's memory or on external storage devices such as USB drives, memory cards, or external hard drives unless it is for temporary purposes. These devices are vulnerable to damage and loss, and you must take care of backup yourself. If a device is damaged and there are no backups, the entire thesis material could potentially be destroyed.
Personal data and other sensitive data such as trade secrets must be handled with special care. Only use Metropolia-approved tools for collecting, storing, and transferring such information. Storing sensitive data in cloud services is prohibited for security and privacy reasons.
Metropolia has an e-form for conducting surveys. The data from e-forms are stored on Metropolia's own secure server. Note that when the respondent opens or saves an e-form, it stores the P address at least in the web server log. It is not recommended to use Google Forms or Microsoft Forms for surveys that contain personal data as it involves data transfer outside the EU or EEA.
If you record a personal interview, it should be recorded using the Zoom web conferencing tool. Unlike Teams, Zoom recordings are saved by default on the user's local computer, not in a cloud service.
Data security can be enhanced through various security measures, such as file encryption, password protection, and data pseudonymisation.
Pseudonymisation refers to replacing identifiable information in the data with pseudonyms or codes, while keeping the code key separate from the data. Pseudonymised personal data is still considered personal data, as it is possible to re-identify the individuals based on the pseudonyms.
The research data for the thesis is stored as files in a chosen storage location. When managing files systematically, you can easily find them, and the data won't be lost or accidentally altered. If you are working with the data together with another person or in a group, it is important to agree on common practices.
Generally, it is advisable to organize files into folders, and it is recommended to plan a suitable and logical folder structure for the thesis in the data management plan. The appropriate folder structure depends entirely on the data. For example, you can create separate folders for raw data, analyses, and results. It is recommended to name folders descriptively and informatively.
You can also save documentation that describes the structure of folders and files as a text document, acting as a table of contents or a guide to the contents of folders and files.
In addition to folders, it is important to name the files consistently. Version control is particularly important to avoid confusion between different versions. We recommend using version numbers (e.g., V01, V02, etc.). Descriptive terms like "new" or "old" are not recommended. File names should follow a consistent format, e.g. in dates.
Save the data in commonly used file formats so that they can be opened on different devices and in the future. Some common file formats include:
Make a backup copy of the original file before starting any processing. If you are processing the data with multiple steps, it can be useful to create backups before each step to preserve earlier versions unchanged in case of errors during processing.
Metropolia Library and Information Services | Accessibility Statement