Working safely with research data from home

Working from home can be beneficial for several reasons: it allows more flexibility in terms of work hours, location, and schedule; it can lead to a better work-life balance; it can lead to increased productivity; it reduces the costs of commuting. However, working from a non-controlled environment may present some risks, especially when working on(sensitive) research. It is therefore important to be aware about how to safely work from home. RDM Support offers you some tips and tricks on how to accomplish this.

Handling Personal Data

When working with personal data (i.e. identifying data which contains for instance ‘name, address, city’ or other types of identifying data like e-mail addresses) please use the Guide Handling Personal Data and IT security ‘Did you properly secure our data?

Important to keep in mind:

  • Be careful when working with identifying personal data at home: only do so when absolutely necessary, do not store local copies on your own devices, use the VPN tools from the UU and map the UU network drives.
  • We recommend using Yoda and OneDrive for storing personal data.

Wi-Fi connection & software

  • The VPN of vpn.uu.nl provides good protection for all internet contacts with servers and computers within the UU network. All other connections and contacts may NOT go via the UU VPN network but locally via your own home router. That means data sent / received that way may not be protected by VPN.
  • A large part of the two-factor authentication and authorization has not yet been rolled out for many UU sites. Many intranet sites therefore only have password protection. Preferably approach these sites after making the UU VPN connection.
  • Preferably work via a wired network, because Wi-Fi authentication and connections are vulnerable, and check what is happening on your home network.
  • Do not use new software simply to be able to work from home. Do not use free tooling from the web. You can continue to use your software for your research. By default, use software which is provided and validated by the UU and available through the UU Software Centre.

Hardware safety

Avoid risks

  • Pay extra attention to phishing emails: is it unknown person or not for work? Do not open attachments and do not click on links. Delete e-mails from the mailbox and the recycle bin. Do you suspect that you have received a phishing email? Would you like some advice? Please contact phishing@uu.nl
  • Make sure your PC or laptop is up to date & regularly scan your computer for viruses and malware.
  • Be careful when using video chat services to discuss privacy sensitive data. First, ensure that as little sensitive data as possible is discussed. If sensitive data needs to be discussed, do not mention names or other personal information but only use a participant number. We recommend using Teams and Skype for Business.
  • Report a data-breach to CERT, also when it concerns your personal device with UU-data.
  • Do NOT transfer or forward research data to private e-mail accounts or Google mail. Communication between researchers should remain within the institutional e-mails. Think about who needs access to relevant information and make sure to control access to information through shared institutional drives rather than e-mail conversations. You can make use of SURFfilesender to send large files securely and encrypted.

RDM Support