Top security tips for researchers
Published: November 11, 2024
Top security tips for researchers
Overview
Securing your research environment is not a binary of either secure or insecure, but rather a journey of awareness and improvement determined by the amount of risk you are willing and able to accept (your risk appetite). Small security considerations and process changes can drastically increase your ability to protect your data and identify, respond to and recover from security incidents (your security posture).
Top five considerations
Below is a list of five essential priorities within cyber security, commonly mentioned within security agreements and government guidelines, which can help to improve the overall security of any research project. These considerations are non-exhaustive but can guide us to be Secure Together. Support is available regardless of the nature and scope of your questions and concerns.
- 1
Encrypt your data
Encryption is a part of robust, multi-layered security approach. Whether your data is on a compromised desktop or a lost mobile or storage devices, encryption ensures that it remains accessible to only you and your team. Encryption encodes information to prevent data breaches from theft or access by any unauthorized party.
Visit Encrypt data and devices for more information.
- 2
Patch your devices, systems and software
Most compromises occur on unpatched and/or infrequently updated systems. Use supported versions of operating systems. Regularly patch and update your software and applications. Configure automatic updates where available.
Visit Updates and patching for more information.
- 3
Secure your physical research environment.
Physical security enhances other security measures taken to protect your research data and systems by restricting access to spaces, people and systems where your data are stored. In the case of hard copy data, physical security measures are often the only means of protection available.
Visit Physically secure data and devices for more information.
- 4
Back up your research.
Backups are the last line of defence again irreparable data loss (caused by theft, ransomware, compromise, hardware or software updates, human error, natural disasters, etc.) and unauthorized data alterations. A good backup strategy will minimize data loss and help you get back to your research faster.
Visit Resilient backup strategy and Back up data for more information.
- 5
Create a cyber security itinerary when travelling.
As you travel or work remotely, you will encounter untrusted infrastructure (e.g. public Wi-Fi offered in a hotel, coffee shop, etc.), as well as an increased risk of loss or theft, so it is important to prepare for these additional risks to ensure that your data is confidential, intact and available when you need it.
Visit Travel and work remotely for more information.
Next steps
Ways to move beyond the basics and be an exemplary partner and champion in securing research data and intellectual property.
