Go to main content | Go to main menu | Go to search

Recommendations for the Usage of Storages

A number of data storage solutions can be used at the university. Different repositories guarantee different levels of data security. Before you start storing data on a flash drive, mobile phone, network, or cloud, look at the recommendations for what storage is suitable for what types of data. If you are not sure where to store specific data, don't hesitate to contact us.

  1. Data Categorization
  2. Storage Categorization
  3. Repositories Suitability for Different Types of Data
  4. Complete Documentation

Consult Storage Solutions

1. Data Categorization

The table categorizes the types of data that MUNI students and employees may encounter. These are 4 categories of data sensitivity.

CategoriZATION Description examples

Public Data
  • Data is accessible to anyone without any restrictions, e.g., publicly displayed on the Internet.
  • Their publication does not pose any threat to MUNI or other institutions/persons.
  • presentations from public lectures;
  • publicly available research reports;
  • open-source software;
  • public research data;
  • promotion, public information about services.

Internal
Data
  • Data is intended only for a generally defined group of persons (e.g., project collaborators, institution employees, etc.).
  • However, they do not require special regulation or protection (by law, contract, etc.).
  • Disclosure outside the group will not cause direct damage (financial, moral, legal, etc.).
  • internal correspondence;
  • minutes of meetings;
  • internal regulations and rules;
  • internal work plans, notes, etc.;
  • unfinished/unpublished research reports

Discrete
Data
  • Data is intended exclusively for the internal needs of a precisely defined group of persons (e.g., an employee and his/her immediate superior, an employee of the HR department and a job applicant, a group of IT system administrators with administrator rights to it).
  • They require regulation or protection by their nature; typically, the data is protected by law or under a contract/license (for example, personal data of persons, data covered by trade secrets, etc.).
  • Making available outside a given group of people is likely to cause harm (financial, moral, legal, etc.).
  • economic and personal data;
  • personal data of students/employees/collaborators...;
  • identification card numbers, identification numbers, etc .;
  • credit card numbers;
  • valuable research data (providing, for example, a competitive advantage) or data containing otherwise sensitive information;
  • extensive collections of internal data;
  • access data (e.g., passwords or encryption keys) to minor systems and internal data.

Sensitive
Data
  • Data is strictly intended only for a precisely defined group of people (e.g., a healthcare professional and his patient, project leaders with a security clearance of a certain level, etc.).
  • They require special regulation or special protection by their nature; typically, the data is strictly protected by law or by contract/license (for example, precious data covered by trade secrets, sensitive personal data, etc.).
  • Disclosure outside the given group of authorized persons is likely to cause large-scale damage (financial, moral, legal, etc.) with serious/irreversible consequences.
  • In practice, little data will fall into this category; most will fall into the category of discrete data at most.
  • health data, sensitive personal data;
  • precious research data (providing, e.g., a unique and challenging to repeat competitive advantage) or research data containing highly confidential data;
  • extensive collections of discrete data;
  • access data (e.g., passwords or encryption keys) to essential systems and data of the discrete or sensitive category.

2. Storage Categorization

The table categorizes the types of repositories that MUNI students and employees may encounter. These are portable, local, network (cloud), and external storage.

Repository Type description

Portable
Media

 e.g., flash disks, memory cards, external HDD/SSD, CD, DVD,… i.e., external storage media that are not an integral part of any device and are used by users to transfer information between devices or store data offline

Local Storage

In computers
Data storage built into desktop computers/notebooks (typically internal HDD/SSD, etc.) in employees' offices, study rooms, etc. 

In mobile devices
Data storage is built into mobile devices, i.e., mobile phones, tablets, etc. (typically internal non-removable memory, memory card installed in the device, etc.) for use by employees/students.

Network and Cloud Storage ICS

 Data repositories operated by ICS and made available to end-users via the data network - the so-called standard and medium network storage. CERIT-SC data repositories for high-volume research data also fall into this category. 

Storage IS MUNI

 Document server, Depository and similar storage capacities integrated in the system IS MUNI.

Storage
CESNET

 Data repositories operated by the CESNET Storage Department. This category also includes services that use these repositories for the physical storage of data, e.g. CESNET OwnCloudCESNET FileSender etc. 

External Storage

Data repositories operated by external entities, i.e. outside MUNI and CESNET.

With MUNI Contract

MUNI Microsoft O365
Cloud data storage provided within the Microsoft Office 365 for Masaryk University. These include OneDrive personal storage, SharePoint document libraries, and O365 Groups. However, this also includes other data stored in the MUNI O365 cloud, such as electronic mail in MUNI O365 Outlook, files shared in the social network MUNI Yammer, etc. 

MUNI Google Workspace for Education
Cloud data storage provided within the Google Workspace for Education service for Masaryk University. In particular, these are the data capacities of MUNI Google Drive, but this also includes other data stored in the MUNI Workspace for Education cloud, e.g. e-mail in MUNI Google Mail, notes in MUNI Google Keep, calendar dates in MUNI Google Calendar, etc.

Without MUNI Contract

Public Google/Microsoft/Dropbox/... storages
This category includes mainly public cloud services (typically set up free of charge by private end-users only with electronic registration via the web) such as Google Drive, Microsoft OneDrive, Dropbox, Amazon storage, repositories on GitHub, etc. The main difference and "distinguishing mark" of this cloud storage category compared to the cloud services mentioned above is that MUNI has no (legal) relationship with the operators of these external services and is unable to guarantee anything regarding security/confidentiality or stored data policy.

3. Recommendations for Using Data Repositories at MUNI 

A summary overview diagram showing what types are suitable and inappropriate to store in different repositories.

repository type USAGE
 

Public
Data

Internal
Data

Discrete
Data

Sensitive
Data
Portable
Media		 appropriate possible 1/ inappropriate 2/ inappropriate
Local Storage in Computers appropriate appropriate appropriate 1/ inappropriate 3/
Local Storage in Mobile Devices appropriate appropriate 4/ possible 5/ inappropriate 3/
Network and Cloud Storage ICS appropriate appropriate appropriate appropriate 6/
Storage 
IS MUNI		 appropriate appropriate appropriate appropriate 6/
Storage
CESNET		 appropriate appropriate appropriate appropriate 6/
External Storage with MUNI Contract O365, OneDrive, SharePoint appropriate appropriate appropriate 1/ possible 7/
External Storage with MUNI Contract Google Workspace for Education 8/ appropriate appropriate inappropriate 2/ inappropriate
External Storage with MUNI Contract Grammarly appropriate appropriate inappropriate inappropriate
External Storage without MUNI Contract Public Google / Microsoft / Dropbox… appropriate inappropriate inappropriate inappropriate

1/ the use of encryption is recommended
2/ possible when using encryption
3/ possible in well-justified cases, when performing an individual analysis, the use of encryption and the application of other security measures that result from the analysis
4/ screen lock required (pattern, fingerprint reader, PIN, password) 
5/ necessary to use encryption, strong screen lock required (fingerprint reader, PIN, password) 
6/ it is recommended to perform an individual analysis, use encryption and apply other security measures that result from the analysis
7/ exclusively with adequate procedural coverage of the situation on the basis of individual analysis and the application of security measures that result from the analysis ​
8/ Google Workspace is not central solution, service is provided by Faculty of Informatcs

Complete Document for Download

You are running an old browser version. We recommend updating your browser to its latest version.