[Rdap] Security/Storage Systems - DMP Language

Fitzgerald, Jennifer jmfitzgerald at noble.org
Wed Oct 12 10:28:57 EDT 2016 

Thanks so much for the insight, Jon.  I am going to present some options to present to the Committee members and see if they feel any better about it.  Agreed, that they do need to do more of a show and tell of what actions they will take in order to make sure their data is stored and secured using best practices.

From: Rdap [mailto:rdap-bounces at asis.org] On Behalf Of Jonathan Petters
Sent: Tuesday, October 11, 2016 10:07 AM
To: Research Data, Access and Preservation <rdap at asis.org>
Subject: Re: [Rdap] Security/Storage Systems - DMP Language

Jennifer,
My two cents...

If this is a DMP for a research proposal, I imagine that you don't need to have much specific detail about security and back-up.  Most funder-specific DMPs have more of a 'What data are you going to share and how' focus...

My impression is that proposal reviewers would mostly be interested the researcher affirming they are taking the necessary steps to secure their research data from loss, theft, or confidentiality breaches, and who's responsible for such actions.  Thus, stating that they are storing their data on 'university-administered servers' that backup the data regularly and use some general form of authentication would be fine.  No doubt the researcher is responsible for some security (e.g. storing a codebook separately from the human-subject data), and these actions should be written as well.  But I imagine this could all be written in a way where your IT security folks wouldn't be afraid that too much information is being shared publicly.

On the other hand, a detailed DMP for a research project to make sure that specific actions are taken care of appropriately by each responsible party (IT, researcher, IRB) and for which system/OS/dataset etc. would be a real helpful document, woudn't it?!  That could be just shared internally though, and not for public consumption.
Interested in hearing others' thoughts, it's a great question :)

Jon

On Tue, Oct 11, 2016 at 10:22 AM, Fitzgerald, Jennifer <jmfitzgerald at noble.org<mailto:jmfitzgerald at noble.org>> wrote:
Hello:

Our institution’s library and Data Management Committee are in the process of developing data management plan language for our researchers.

There has been discussion regarding how much information to include regarding the security and storage systems used in our operations.  There is a proposed paragraph that would describe at a very high level the infrastructure and software suite used by our institution’s IT team, how those systems back up data, and general (but not precise) locations of where backup tapes are kept.

One member of the Committee expressed concerns over divulging this type of information externally.  Opinions and feedback are appreciated.

Jennifer Fitzgerald
Data Curator, Library and Information Management Services
________________________________
The Samuel Roberts Noble Foundation
2510 Sam Noble Parkway
Ardmore, OK 73401
Telephone 580.224.6268<tel:580.224.6268> | Fax 580.224.6265<tel:580.224.6265>
www.noble.org<http://www.noble.org/>



_______________________________________________
Rdap mailing list
Rdap at mail.asis.org<mailto:Rdap at mail.asis.org>
http://mail.asis.org/mailman/listinfo/rdap<http://cp.mcafee.com/d/FZsS76Qm1Py9EVus79CXCNNEV76zBUsYOr76zAsqenDASjoUQszzhOYeuodzzhOed79EV7endyaHIFyx7UWuw2El87_M04T2F0_-00CZKzt1Qs_R-juuKZvHTbFILKs-MOy-_ORQr8EGTphVkffGhBrwqrhdFCQuKAT2zp2BEO8urhdw0NfJFaD00s4RtxxYGjB1SKhgRoT53lyV2Hsbvg5rile00CQmkkQPobZ8Qg6BI5EqIqnjh0cvpKcFBI69RzF7Ph0c5GjZmxEwbCy0e6MIq80HI2buAvdLTdCRktvUW>



--
Jonathan Petters Ph.D.
Data Management Consultant
Data Services, University Libraries
Virginia Tech
(540) 232-8682
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kunverj.com/pipermail/rdap/attachments/20161012/28d5b10f/attachment.html>

More information about the RDAP mailing list