Transferring Data

Transferring data to and from your analysis environments is now a more challenging endeavor due to a number of factors, including increases in dataset sizes, increases in confidential information and data sensitivity considerations, and increases in technology protections to enhance data security. We’ve assembled the information below to give a comprehensive overview and to help in the decision making process.

Finally, we intend this document to complement HBS IT’s security guidelines and their excellent Information Security Quick Reference Guide, with the knowledge that their document is the authoritative source.

Transfer Methods:

 

Direct Transfer (e.g., SFTP/Mapping a Drive)

SFTP (secure file transfer protocol) Programs

Security Level Allowed: Level 4

SFTP Programs such as SecureFX, FileZilla, and Cyberduck are good ways of sending large files (above 5-10 GB) securely by using end-to-end encryption. However, SFTP programs require that files be placed somewhere that can be retrieved. HBS does not allow external data providers to reach into our network & place files on our servers for this type of transfer. In order to use SFTP programs, external data providers should arrange for files to be placed in a location on one of their servers. 

HBS Secure File Transfer Web Application

Security Level Allowed: Level 4

HBS's Secure File Transfer is an easy-to-use resource for both HBS users and collaborators. Like SFTP, files transferred through this option are also encripted. Secure File Transfer is ideal for data smaller than 2GB. Anything larger than 2GB is divided into separate 2 GB files upon download.

Mapping a Drive/Mounting a Volume

Security Level Allowed: Level 3

Mapping drives/mounting volumes is an easy way to securely transfer data by having one's desktop or laptop connect directly to the storage, as users can map and disconnect at any time. However, this method could be highly dependent on one's network connection. Large files could take a while to transfer over slower connections, especially over VPN. 

Email

Security Level Allowed: Level 2

Although this may be the easiest method, using email is not a secure method for sending confidential/sensitive data. Furthermore, email attachments must be very small (25MB or below). 

Cloud Sync (e.g., DropBox, OneDrive, Google Drive) 

When using Cloud Sync to transfer data, please be aware of the security level of your data as not all services have been approved by HBS IT to handle data with higher security requirements.  

SharePoint Team Sites 

Security Level Allowed: Level 3

SharePoint Team Sites are a group of web pages that allow teams to collaborate on projects. For additional information, see: https://inside.hbs.edu/Departments/it/howto/sharesites/Pages/Basic-Tasks-in-SharePoint-2010.aspx 

One Drive Client

Security Level Allowed: Level 3 

One Drive Client is a cloud sync client that provides access across devices and the ability to share files with others. For additional information, see: https://inside.hbs.edu/Departments/it/howto/office/Pages/OneDrive-for-Business.aspx 

DropBox 

Security Level Allowed: Level 2  

DropBox provides easy access across devices and team members and is free for up to 2GB of data. For additional information, see: https://inside.hbs.edu/Departments/it/howto/third-party-applications/Pages/dropbox.aspx 

Google Drive 

Security Level Allowed: Level 2 

Google Drive allows for easy sharing across devise and team members and is free for up to 15GB of data. Note that some schools, but not HBS, have an agreement with Google for secure storage of data in Google Drive. 

Third-Party Transfer Tools 

Security Level Allowed: Potentially up to Level 3

Third party transfer tools such as Globus are available, but please contact RCS directly if interested in using them in the HBS environment. Depending on the tool, it may only be appropriate for transferring Level 1 and 2 data.  

Mail / ”Sneaker Net” 

Security Level Allowed: Potentially up to Level 4

Individuals may elect to mail ("snail mail") or hand deliver (i.e., “Sneaker Net”) electronic data on a external portable storage device. This can included devices like flash drives. Note that if the data are Level 3 or higher, the external portable storage unit must be encrypted and password protected. Please see HBS IT's Information Security Quick Reference Guide for more information.  

Copying Files to/from the Research Grid

Detailed instructions for transferring/copying data on the research can be found here: https://grid.rcs.hbs.org/copying-files