Confidentiality and data protection in research institutes

Research institutes produce some of the world’s most valuable data: research of human beings, animal/plant life, society’s and cultures, and so much more. This data being collected is integral to future advancements in our society, yet we must ask ourselves how it’s being protected today. For the sake of confidentiality and privacy, how can we keep critical research data protected?

Research institutes are responsible for conducting, storing, analyzing, using and ultimately sharing research data. Before research begins, there should be data protection protocols in place to prevent data loss, manipulation or theft. Read on to discover how research institutes can actively prevent data infringement and protect their data with Nextcloud as their platform.

How can research institutes’ data be protected with Nextcloud?

1. Access controls

One of the best ways to protect research data is to limit access to it. Only a handful of people will need to open the research folders and sysadmins can control this process down to a tee.

In Nextcloud Files, advanced permissions that limit and/or restrict access are state-of-the-art and trusted by our customers and community.

Just a few examples of advanced permissions:

• Setting permissions on a shared file to: read, create, edit, and/or upload.
• Watermarking confidential documents to make it harder to steal data.
• Enabling a password protection or expiration date on a public file or folder.
• Blocking downloads so the user can view and even edit the shared file(s), but not download them.

2. Antivirus

On a daily basis, external contacts send files and documents by email or through other channels which need to be scanned for threats like viruses. The Nextcloud Antivirus app (AV) performs automatic virus scans. Whenever a file is uploaded, it first gets handed over to the AV app.

3. Encryption

Nextcloud provides optimal security for research data and communication through encryption and hardening.

We offer three types of encryption:

1. Encrypted data transfer with industry-standard TLS (Transport Layer Security)
2. Server side encryption
   1. Enables researchers to store files locally and securely with encryption keys and ciphers
3. End-to-End encryption
   1. E2EE file sharing: Enables researchers to share confidential files to other users and can be synced between devices.
   2. E2EE file drop: Allows researchers to receive files from external users through sharing a secure shared link. The external user only has the option to upload a file in the end-to-end encrypted folder.

4. Intrusion detection software

With machine learning based suspicious login detection, research institutes can increase security and productivity even beyond our brute-force protection and 2-factor authentification.

Suspicious Login Detection uses a locally trained neural network to detect attempts to login by malicious actors.