Cloud Storage

Last Updated: November 5, 2024 3:00 pm

OASIS IRB Support

Cloud Storage: Secure Options for Research Data

Cloud storage can be an effective, secure way to store research data—provided it’s used correctly and in line with UNC-Chapel Hill’s Minimum Security Standards (MSS). Here’s what researchers should keep in mind:

Recommended Cloud Storage at UNC

As a Microsoft 365 campus, UNC-Chapel Hill encourages researchers to use campus-provisioned OneDrive and SharePoint for storing sensitive data. These platforms, accessible via your Onyen, are vetted and rated for both Tier 2 and Tier 3 research data, provided default security settings are in use. This means OneDrive and SharePoint offer robust protection to meet MSS requirements for data security when used correctly.

Network Connection and VPN Requirements

Using cloud storage assumes you’re connected to a network. To meet MSS:

• On Campus: Connect directly to the campus network.
• Off Campus: Use the campus VPN to ensure a secure, encrypted connection when accessing or uploading research data. This additional layer safeguards against unauthorized access on public or home networks.

Data Sharing Practices

While OneDrive and SharePoint are rated for sensitive data, sharing files or folders with individuals not authorized under the IRB (Institutional Review Board) is considered unsafe and a breach of research ethics. Only share data within approved research teams to maintain compliance with ethical standards.

Alternative Cloud Storage Options

Some departments at UNC may have ITS Security-vetted contracts with other cloud storage providers. For example, certain units securely use Amazon Web Storage for specific projects. If you think your department might have access to other secure cloud storage options, consult your business office to understand available choices and ensure any use aligns with MSS requirements.