Locking the virtual filing cabinet: A researcher's guide to Internet data security

摘要

As the Internet has grown in popularity, the opportunity it provides for conducting research has also become too large for researchers to ignore. Thus many have flocked to put surveys, experiments, and other data collection measures online in an attempt to gather empirical evidence in a variety of fields. While some choose a commercial provider to host surveys or experiments, others require the additional flexibility that comes with creating and maintaining a custom server. Herein lies a crucial problem: Most researchers lack the skills necessary to design, implement, and manage a server end-to-end. To overcome this limitation, they often hire programmers and administrators, who while usually competent, are not ultimately accountable to granting agencies funding research or Institutional Review Boards overseeing the research. This puts the researcher in a position of accountability in data security, confidentiality, and privacy concerns. The goal of the present paper is to outline a typical server setup, and highlight issues pertaining to data security in language accessible to researcher. This paper also presents data collected and analyzed from an anonymous distributed survey asking researchers questions assessing their management of research data. Our findings from the responses confirmed the legitimacy of our concerns by demonstrating the evident need for stricter security measures in research settings. By reading this paper, we hope that researchers will be cognizant of the optimal security practices which can be equipped to avoid the extreme consequences of data security breaches and gain a deeper understanding of the software they use to collect research data.