Physically secure data and devices
- Michael Laurentius
Purpose
Physical access to unsecured systems, devices, and notes can lead to data loss or theft of intellectual property and valuable equipment.Â
Audience
faculty researchers Admin staff IT staff students
On this page
Initial considerations
Encrypt your data and/or devices.
Encrypting your data provides an extra layer of protection in case the physical device is lost or stolen.
Establish a resilient backup strategy and back up your data.
Should your physical device be lost or stolen, it is important that you have the necessary backups to recover from.
What can I do?
Store hard copy data and portable devices in a secure environment.
It is recommended you use a "double-locked" solution, meaning a private office/workspace with lockup capabilities (filing cabinet, safe, etc.)Â
Do not leave devices unattended in open spaces, regardless of how quickly you might return. Consider using a cut- and drill-proof locking cable to prevent grab-and-run incidents.Â
Do not leave devices unattended in visible, but private spaces like near office windows or visible from a car window to prevent break-ins and theft.Â
For researchers
Be sure to consult with the following documentation published by the Human Research Ethics Unit.
Keep an inventory of all devices, information, and services related to your work or project.
Establish a log or check-in/out system for when portable devices and hard copy data are used by a team member.
Don’t allow unauthorized people to use or borrow your devices.
Allowing someone to use or borrow your device could provide them access to locally stored data.
Securely delete all data from a device before surrendering or disposing of it.
Take additional precautions should be taken while travelling.
Search
Additional help
General
Contact us | Information Security (IS)
Contact us | Information Technology (IT)
Researchers
Research Information Security - Information Security at University of Toronto
Related articles
Â
Â
Â