Methods: Data Security
The term backup means data protection or data recovery and refers to the copying of data as a precaution in the event that data is lost, e.g. due to hard drive damage or accidental deletion. The data can be restored with a backup. For this purpose, the data record is additionally saved on another data carrier (backup copy) and stored offline or online.
In addition to creating backup copies through regular backups to safeguard data in case of emergencies, the following measures can protect (research) data from unauthorized third-party access:
1. Physical Security Measures in Shared Spaces
- Lock windows and doors when leaving a room.
- Protect desktop computers from unauthorized access by using screen locks.
- Do not leave portable storage media (e.g., external hard drives, USB sticks) unattended; store them securely whenever possible.
2. Computer System Security and Secure Online Work and Communication
2.1 Password Protection (Devices, Folders/Files, Accounts)
Despite increasing data breaches and cyberattacks on public institutions, many German internet users still rely on weak passwords such as 123456, password, or qwertz, which top the list of the most commonly used passwords (HPI, 2021).
"It is crucial to understand that passwords are the gateway to our digital lives. As we spend more time online, improving our cybersecurity practices becomes increasingly important."
(Gronau, 2021; translated by Saskia Köbschall)
While there is no 100% protection against cyberattacks, strong passwords make unauthorized access significantly more difficult, as they require substantial time and computational power to crack. Password protection is essential for securing:
- Hardware (PCs, external storage devices)
- Online accounts (email, social media, cloud storage, streaming services)
- Compressed (zipped) files and folders
Tips for Creating Secure Passwords:
- Use long passwords (at least 8 characters)
- Include uppercase and lowercase letters, numbers, and special characters
- Avoid dictionary words
- Do not reuse the same or similar passwords
- Modify words by replacing characters with visually similar alternatives (BESEN → I3€5EN)
- Use passphrases (e.g., IchHabeEinNeuesPasswort → IchHabe1nPa$$Wort.)
- Store passwords securely (consider password management software such as KeePass)
- Enable two-factor authentication (2FA) whenever possible. 2FA supplements password protection by requiring a one-time code, delivered via SMS, smartphone app, or hardware token. This method significantly enhances security, as access to the smartphone or similar device is also necessary in order to gain access to the protected data.
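The tips above applied as an automatic check, as an added Python example that is not part of the original page. The function name, the word list (the three passwords named in the text plus two constructed dictionary words) and the 0.8 similarity threshold are assumptions made for illustration.

```python
from difflib import SequenceMatcher

# Constructed sample list: the weak passwords the text names, plus two dictionary words.
COMMON_OR_DICTIONARY = {"123456", "password", "qwertz", "besen", "passwort"}


def check_password(candidate, previous=(), min_length=8, similar=0.8):
    """Return the tips from the list above that `candidate` violates."""
    problems = []
    if len(candidate) < min_length:
        problems.append("too short")

    # One flag per character class the tips ask for.
    classes = {
        "uppercase": any(c.isupper() for c in candidate),
        "lowercase": any(c.islower() for c in candidate),
        "digit": any(c.isdigit() for c in candidate),
        "special": any(not c.isalnum() for c in candidate),
    }
    problems += [f"no {name}" for name, present in classes.items() if not present]

    # The whole password is a dictionary word or on the most-used list.
    if candidate.lower() in COMMON_OR_DICTIONARY:
        problems.append("dictionary or commonly used word")

    # Reuse check: identical or only slightly changed compared with a password in use.
    for old in previous:
        ratio = SequenceMatcher(None, candidate.lower(), old.lower()).ratio()
        if ratio >= similar:
            problems.append("same as or similar to a password already in use")
            break
    return problems


if __name__ == "__main__":
    in_use = ["IchHabe1nPa$$Wort."]
    for pw in ("qwertz", "IchHabe1nPa$$Wort!", "Neue5-Passwort?Fertig"):
        print(pw, "->", check_password(pw, previous=in_use) or "ok")
```

Run it locally only, so that candidate passwords never leave the machine.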
The following video (approx. 4:30 min) explains how passwords can be cracked and how to create secure passwords:
Source: Passwords Explained Simply, Alexander Lehmann, licensed under CC BY 3.0
Video in German with optional English subtitles. https://www.youtube.com/watch?v=jtFc6B5lmIM&t=8s
2.2 Encryption
Encryption is a method of securing data by making it unreadable to unauthorized users. The data is converted using algorithms so that only authorized individuals with the correct “key” can decrypt and access it.
a) Encryption of Software and Hardware
The following video (approx. 2 min) explains the concept of encryption and decryption:
Source: Data Encryption Explained Simply, Alexander Lehmann, licensed under CC BY 3.0
Video in German with optional English subtitles: https://www.youtube.com/watch?v=IhoG37uis3k
Various free software programs can encrypt files, folders, drives, operating systems, or even emails:
7-Zip: https://7-zip.org/
Compresses and encrypts files for secure transmission. It also allows password protection and filename encryption.
Gpg4Win: https://www.gpg4win.de/
A Windows-based encryption tool for emails, files, and folders, commissioned by the Federal Office for Information Security (BSI) (BSI, 2023c).
VeraCrypt: https://www.veracrypt.fr/en/Home.html
Encrypts entire or partial hard drives and external storage devices on Windows, macOS, and Linux.
b) Encrypted Online Communication
The following video (approx. 2 min) explains encrypted communication:
Source: Secure Communication Explained Simply, Alexander Lehmann, licensed under CC BY 3.0
Video in German with optional English subtitles: https://www.youtube.com/watch?v=4mbryW8fZrA
One of the most secure ways to encrypt messages is end-to-end encryption, which is now a standard feature in many email and messaging services. This ensures that only the intended recipient, with the correct decryption key, can read the messages, preventing third-party interception.
2.3 Additional Security Measures
- Use firewalls and antivirus software
- Regularly update software (operating systems, applications) and install security patches
- Avoid using open, unsecured Wi-Fi networks
- Use a USB data blocker when charging smartphones in public spaces. (A USB data blocker prevents unauthorized data transfers, also known as "juice jacking", while allowing only power to pass through.)
3. Secure Data Deletion in Digital Systems
Deleting files by moving them to the recycle bin and emptying it does not permanently erase them – only the references to the files are removed, leaving the data recoverable with specialized software. To ensure that sensitive data is permanently destroyed, researchers should use secure deletion tools or physically destroy storage devices. (Sensitive data: Within the category of personal data, there is a subset known as special categories of personal data. Their definition originates from Article 9(1) of the EU GDPR (2016), which states that these include information about the data subject’s: …)
- Secure Data Deletion on Hard Drives with free programs that overwrite files multiple times to make them irretrievable:
  - File Shredder (Windows and macOS)
  - CCleaner (Overwrites free space or entire hard drives)
  - Eraser (Overwrites data upon Windows startup)
- Secure Data Deletion on Mobile Devices (Before Selling or Recycling)
  - Encrypt the data, then…
  - Delete and overwrite data and user information, finally…
  - Reset the device to factory settings (See BSI security tips, 2023b)
- Secure Data Deletion on Flash Storage (e.g., USB drives, SSDs)
  - Overwrite free space after deletion using tools like CCleaner
  - Overwrite free space by filling it with a large, meaningless file (e.g., a video) (Schieb, 2022)
For up-to-date guidance on securely deleting data from different devices, consult the Federal Office for Information Security (BSI, 2023b).
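The difference between removing a reference and overwriting the data, as an added Python example (not from the original page or from any of the tools it lists). The file names and sample text are constructed, and a second hard link stands in for recovery software, because reading freed disk blocks requires raw device access.

```python
import os
import secrets
import tempfile
from pathlib import Path

SECRET = b"constructed sample: interview transcript, participant 0042"


def overwrite_and_delete(path, passes=3, chunk=1 << 20):
    """Overwrite a file in place with random bytes, then remove its name."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:
        for _ in range(passes):
            fh.seek(0)
            left = size
            while left > 0:
                n = min(chunk, left)
                fh.write(secrets.token_bytes(n))
                left -= n
            fh.flush()
            os.fsync(fh.fileno())  # push this pass out of the OS cache
    os.remove(path)


def demo(workdir):
    """Return (readable after plain delete, readable after overwrite)."""
    workdir = Path(workdir)
    original = workdir / "notes.txt"
    original.write_bytes(SECRET)
    # The witness link reaches the same stored bytes through a reference
    # that the deletion below does not touch (stand-in for a recovery tool).
    witness = workdir / "witness"
    os.link(original, witness)

    os.remove(original)  # plain delete: only one reference disappears
    after_delete = SECRET in witness.read_bytes()

    target = workdir / "to_shred"
    os.link(witness, target)
    overwrite_and_delete(target)  # overwrite the stored bytes, then delete
    after_overwrite = SECRET in witness.read_bytes()
    return after_delete, after_overwrite


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        print(demo(d))
```

On flash storage and copy-on-write file systems an in-place overwrite can land in different physical cells than the original data, which is why the list above treats USB drives and SSDs separately.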
Literature
Bundesamt für Sicherheit in der Informationstechnik. (BSI, 2023a). Passwörter verwalten mit dem Passwort-Manager. BSI Bund. https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Informationen-und-Empfehlungen/Cyber-Sicherheitsempfehlungen/Accountschutz/Sichere-Passwoerter-erstellen/Passwort-Manager/passwort-manager_node.html
Bundesamt für Sicherheit in der Informationstechnik. (BSI, 2023b). Daten auf Festplatten und Smartphones endgültig löschen. BSI Bund. https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Informationen-und-Empfehlungen/Cyber-Sicherheitsempfehlungen/Daten-sichern-verschluesseln-und-loeschen/Daten-endgueltig-loeschen/daten-endgueltig-loeschen_node.html
Bundesamt für Sicherheit in der Informationstechnik. (BSI, 2023c). Verschlüsselung mit Software & Hardware. BSI Bund. https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Informationen-und-Empfehlungen/Cyber-Sicherheitsempfehlungen/Daten-sichern-verschluesseln-und-loeschen/Datenverschluesselung/Soft-und-hardwaregestuetzte-Verschluesselung/soft-und-hardwaregestuetzte-verschluesselung_node.html
Gronau, M. (2021). Die grausame Liste der beliebtesten Passwörter 2021. Werben und Verkaufen (W&V). https://www.wuv.de/Archiv/Die-grausame-Liste-der-beliebtesten-Passw%C3%B6rter-2021
Hasso Plattner Institut (HPI) (2021). Pressemitteilung – Die beliebtesten deutschen Passwörter. Hasso Plattner Institut. Digital Engineering. Universität Potsdam. https://hpi.de/pressemitteilungen/2021/die-beliebtesten-deutschen-passwoerter-2021.html [28.10.2023]
Schieb, J. (2022). Alte Geräte weitergeben: Daten löschen, aber sicher! WDR. https://www1.wdr.de/nachrichten/schieb-geschenke-weihnachten-geraete-daten-loeschen-100.html [20.10.2023]