Major Concerns, Hacks & Lost Data When Using Online Lab Notebooks
In this article we will tackle major concerns regarding the use of digital, cloud-based, online lab notebooks and similar software solutions.
We live in the digital age when more and more of private, research and business data ends up online. Yes, we can choose not to use any of the online solutions, but the world is moving forward. It is hard to imagine paying bills at a bank when you can use e-banking or hailing for a taxi when you can just order Uber. The most important thing is how you will use it to your own advantage. Technology is not our enemy. Technology amplifies the intelligence and potential of people at the heart of science.
“Imagine how impoverished this world would have been if we hadn’t invented the technology of the oil painting in time for Van Gogh, or the technology of the musical instrument in time for Beethoven and Mozart to unfurl through it. With the revolutions in biotechnology and nanotechnology, the free exchange of information is allowing us to conceive of radical new things.‟ J. Silva
So, are cloud solutions our data’s major threat or great advantage?
Digital clouds can be viewed as a big advantage or as a major threat to our data saving practices.
“If you are using email, Google/Google Drive, Dropbox or any similar application, you are already using the software in the cloud. In a way, concerns about saving data in a cloud are somewhat similar to the use of credit, debit and current/chequing account bank cards in the past. There was a shift people needed to make to start using the bank cards rather than saving and carrying cash around. Today, experienced cloud providers’ main aim is to store encrypted data in advanced data-centers with high security to prevent any unauthorized access.‟ Read the full article here
Can you lose all your data that was saved in the cloud?
Yes, of course. Just as well as you can lose it from your own server, computer or smartphone. Technology is not immortal. If you are on your own, or you work for an institution or an enterprise, your data can be lost forever by your internal IT department or an outsourced service. Nothing is bulletproof. But, the costs and damage can be minimized by using cloud based software.
How not to panic and minimize the risks of losing your data
If you are using or thinking about using the web-based software to save and manage your data, ask the support and development team where the data is saved. Whose service are they using? Are they providing their own servers or are they using the service of big cloud providers such as Amazon or Google? They should be transparent with you about the safety of your data, backup and retrieval of your data if anything happens.
We tend to believe that data we save on our own computers is the safest. Just as my grand-grandmother believed that money she saved in her socks in the bottom drawer is the safest. The truth is, most of us researchers are really not true computer experts or security experts. So our computers most probably have some viruses or other malware we are not even aware of. Anti-virus solutions work well, but again, they are not bulletproof.
Established cloud service providers do have high level security protocols in place. They are the security experts and guarantee the safety of your data. So in this scenario, if anything happens, you are not on your own. They will have to handle it for you. Even better, if the cloud software you are using has the contract with one of the established cloud providers and anything goes wrong, they both have to handle these things for you. So you’re good. On the other hand, if anything happens to your own laptop or your institutions’ system… you are on your own. Good luck.
It is time to admit it is easier to lose data from our own computers or our institution’s servers due to technical issues, theft, viruses or hackers, than from an Amazon cloud, Google etc. The thing is, if your important data is saved in the cloud, even if someone physically steals your laptop, they do not gain access to your data.
Let’s Talk Numbers
As stated by the Ponemon Institute in their 2015 Cost of Data Breach Study: Global Analysis, 3 main root causes of data breach are:
- Malicious or criminal attack
- System glitch – your IT or business process failure
- Human error – employees
In their Cost of Data Center Outages 2016 Report, they specify more in detail the root causes of unplanned outages, with UPS (power supply), cyber-crime, accidents and human errors, water/heat failures and weather issues taking the lead. Mistakes by the employees account for 22% while the IT equipment failure is only around 4%.
The 2015 Protected Health Information Data Breach Report by Verzion states that when it comes to protected health information for example, lost and stolen assets account for 45% of data breaches, while web applications incidents account for only 1,9% and cyber espionage for 0,3%.
So maybe we could give the cloud a chance. Be skeptical, be critical, but give it a chance.
What if the ELN vendor doesn’t exist anymore?
Ask the support and development team behind the web-based software about their data retrieving measures in case you would like to start using alternative software in the future or if they go out of business. Also, it would be good to find out whether your data will be retrieved in the format you can easily move to another software or to your own storage space. Basically, you want it to be in a usable format.
Does the open source, web-based software put my data in a greater risk of being hacked?
Right on the contrary. The goal of a secure system is not to hide its implementation details, but to securely protect the entrusted data from an unauthorized access. Also, open source software can be reviewed and improved by anyone because its source code is visible to the public. Therefore, it is easier for the potential bugs and security risks to be found compared to a closed-source software, where code review is often limited to an inside group of developers. Open source web based software is a good option precisely because it is available to all. We might say that it is independent. Which means that you are not tied to one vendor or owner of the software. Even better, the whole scientific community is free to develop add-ons, improve the software and its weak points and maintain it. In a way, this type of software is peer-reviewed. The development team who created the software in the first place would be your source of support and contact, but you are not dependent on them. Generally, open source software is a big money-saver due to its open nature. But don’t confuse the availability of the software’s code with greater possibility of hacking it or stealing your data.
Do you have any other concerns you would like to discuss? Feel free to comment below.