Skip to Main Content
Help Give Accounts

Data Management

Resources in documenting, storing and preserving research data

Data Storage and Backup

Let’s define storage and backup, both essential practices for ensuring the care and keeping of your data.

Storage is the act of keeping your data in a secure location that you can access readily. Files in storage should be the working copies of your files that you access and change regularly.

Backup is the practice of keeping additional copies of your data in separate physical or cloud locations from your files in storage. Backup copies are copies you would access in the case of data loss and needing to access previous versions of your work.

adopted from https://learn.library.wisc.edu/research-data-management/lesson-4-storage-and-backup/ 

How Many Copies of My Data Should I Have?

Good storage and backup practices help protect your data and research from losses due to hardware failure, natural disaster, or file corruption. You spend a lot of time collecting your data, so ensuring you have a good system for backing up your data will prevent you from having to spend time trying to recover your files, recollect data, or redo any cleaning or analysis.

A good rule of thumb is the 3-2-1 backup strategy: three copies, in at least two physically separate locations, on more than one type of storage hardware.

This might look like:

  • A copy in active storage; that means a copy you are regularly accessing and working on during your research. This will likely be on your computer or a shared network drive in a lab.
  • A second copy on a different device on- or off-site, such as an external hard drive in your office or a backup server provided by your IT department.
  • A third copy, preferably off-site. This might be on a cloud application like Box, Google Drive, or other appropriate cloud solution.

Data Security at SJSU

The Information Security Office at SJSU works to secure any data produced/stored/obtained as a result of employment at the university or attending the university as a student. The Information Security Office classifies data into three different levels, depending on the risk associated with a potential breach. The level assigned to your research data will impact your storage options.

Level Risk Examples
1 High

Information that can personally identify someone, such as:

  • SSN
  • Birth date
  • Health insurance information
  • Biometric information (fingerprints, DNA, etc.)
2 Moderate

Information that is not publicly available, but is also not as high risk as Level 1:

  • Student information (grades, schedule, etc.)
  • Employee information (net salary, personal contact information, etc.)
  • Trade secrets and intellectual property
  • Information covered by a specific non-disclosure agreement
3 Low

Information that is publicly available, such as:

  • TowerID
  • Employee information (gross salary, work email and phone, etc.)
  • Daily temperature readings

For more information, see the Information Classification Cheat Sheet, or contact the Information Security Officer at 408-924-1705 or security@sjsu.edu.

Where to Store Your Data at SJSU?

 

Option Cloud/Local Cost Security Notes
Google Drive Cloud Unlimited storage, free toactively enrolled SJSU students, faculty and staff Approved for Level 2 and Level 3 data. Be careful -- if you leave the university, remember to back up your Google Drive. Otherwise, the information will be lost. Try to use Google Team Drives, as these are maintained regardless of whether team members leave the university.
Campus IT Virtual Servers Local No additional cost to administrative units on campus. Use for teaching/learning: $3,000.00 per server per year. Approved for Level 1 data. -
Campus IT Co-Location Services (Physical Servers, including College Server Rooms) Local Server Co-Location is an Information Technology Baseline service and is offered at no additional cost to administrative units on campus. Teaching & Learning servers can be co-located in the data center for $100 per physical server per month (Up to 7). College servers may be used at no additional cost to their faculty. Approved for Level 1 data if the server is physically located in a certified data center (Computer Center, Research Foundation). Otherwise approved for Level 2 and Level 3 data. Physical servers are not approved to be installed in facilities not owned/operated by Campus IT. Not allcolleges have server space for research data; contact departmental IT for more information.
External Hard Drive,Portable Media (flash drive, CD, DVD) Local Varies (Not secure unless kept in a secure location andsensitivedata areencrypted.) Approved for Level 2 and Level 3 data. Approved for Level 1 data with encryption. Best for short-term storage (1-5 years). Be careful about physical security --if you care about it, lock it up!
Desktops, Laptops, Tablets Local Varies (Not secure unless kept in a secure location andsensitivedata areencrypted.) Approved for Level 2 and Level 3 data. Approved for Level 1 data with encryption. Recommended only for very short-term storage. Most departments do not back up desktops, laptops and tablets. They are vulnerable to disaster and easily stolen.
Third-party Cloud Storage(Dropbox, Box, Non-SJSU Google, AWS, Microsoft Azure, etc.) Cloud Varies Approved for Level 3 data. Approved for Level 2 or Level 1 data only if service has been procured by the University (not via reimbursement), the contract is on file with Procurement Office, and the departmentalIT Team is responsible for security of the server. Consider your intellectual property rights as a researcher when engaging 3rd party cloud solutions, as there will be no written agreements between the university and solution provider. Typically cloud providers, especially those providing free services, reserve the right to access and reproduce your data.