I-Lab has been approved for storage of sensitive data by the data security team of ITS. This means that the I-Lab is in principle suited for the storage of personal data.

The security measures for the I-Lab comprise:

Data security

• All data is stored on servers fully under control by Utrecht University.
• Of all data files stored in the I-Lab a backup is being created. The backup is stored on a physical different location.
• If a data file is updated, the older version is stored  kept. Older versions are stored for a certain amount of time and can be restored. For details on restoring previous versions, see Revision Mechanism.
• All data files are automatically encrypted while stored, implying that when servers are hacked and copied, the data is still unreadable.
• All data files stored as a datapackage in the vault will be retained for at least 10 years.

Data Access

• Data in the I-Lab Research Area is stored in usergroups, only accessible by explicitly authorized users. You can set the accessibility of the data by adding and/or removing users to your usergroups.
• The accessibility of data in the I-Lab Vault is only possible when this datapackage is published with the ‘Open Access’ attribute. All other datapackages require explicit consent of either the creator of the data or the datamanager.
• For transport of the data from a local machine to the data server a secured connection (shhtp) is used ensuring that the data is send over encrypted.