Data Practices
Transferring Data
Transferring Data
Transferring data to and from your analysis environments is now a more challenging endeavor due to a number of factors, including increases in dataset sizes, increases in confidential information and data sensitivity considerations, and increases in technology protections to enhance data security. We’ve assembled the information below to give a comprehensive overview and to help in the decision making process. For specific guidance on how to copy files to and from the HBSGrid, please see our page on copying files.
Finally, we intend this document to complement HBS IT’s security guidelines, with the knowledge that their page is the authoritative source.
- Direct Transfer (e.g., SFTP/Mapping a Drive)
-
SFTP (secure file transfer protocol) Programs
Security Level Allowed: Level 4
SFTP Programs such as FileZilla, Cyberduck, and rsync are good ways of sending large files (above 5-10 GB) securely by using end-to-end encryption. However, SFTP programs require that files be placed somewhere that can be retrieved. HBS does not allow external data providers to reach into our network & place files on our servers for this type of transfer. In order to use SFTP programs, external data providers should arrange for files to be placed in a location on one of their servers. If this is not possible (due to technical limitations or lack of capability), RCS can work to make an SFTP server available for such transfers.
Harvard Secure File Transfer Web Application
Security Level Allowed: Level 4
Harvard's Secure File Transfer is an easy-to-use resource for both HBS users and collaborators. Like SFTP, files transferred through this option are also encrypted. Secure File Transfer is ideal for data smaller than 50GB.
Mapping a Drive/Mounting a Volume
Security Level Allowed: Level 3
Mapping drives/mounting volumes is an easy way to securely transfer data by having one's desktop or laptop connect directly to the storage, as users can map and disconnect at any time. However, this method could be highly dependent on one's network connection. Large files could take a while to transfer over slower connections, especially over VPN.
Email
Security Level Allowed: Level 2
Although this may be the easiest method, using email is not a secure method for sending confidential/sensitive data. Furthermore, email attachments must be very small (25MB or below).
- Cloud Sync (e.g., DropBox, OneDrive, Google Drive)
-
When using Cloud Sync to transfer data, please be aware of the security level of your data as not all services have been approved by HBS IT to handle data with higher security requirements.
SharePoint Team Sites
Security Level Allowed: Level 3
SharePoint Team Sites are a group of web pages that allow teams to collaborate on projects.
One Drive Client
Security Level Allowed: Level 3
One Drive Client is a cloud sync client that provides access across devices and the ability to share files with others. For additional information, see: https://inside.hbs.edu/Departments/it/howto/OneDrive/Pages/OneDrive-for-Business.aspx
DropBox
Security Level Allowed: Level 2
DropBox provides easy access across devices and team members and is free for up to 2GB of data. For additional information, see: https://inside.hbs.edu/Departments/it/howto/Dropbox/Pages/Dropbox.aspx
Google Drive
Security Level Allowed: Level 2
Google Drive allows for easy sharing across devise and team members and is free for up to 15GB of data. Note that some schools, but not HBS, have an agreement with Google for secure storage of data in Google Drive.
- Third-Party Transfer Tools
-
Security Level Allowed: Potentially up to Level 3
Globus is available for data up to Level 3 (instructions for use on the HBSGrid are here). For other third-party tools, contact RCS as they may only be appropriate for transferring Level 1 and 2 data.
- Mail / ”Sneaker Net
-
Security Level Allowed: Potentially up to Level 4
Individuals may elect to mail ("snail mail") or hand deliver (i.e., “Sneaker Net”) electronic data on a external portable storage device. This can included devices like flash drives. Note that if the data are Level 3 or higher, the external portable storage unit must be encrypted and password protected.