Example 3: Multiple researchers working on shared data

Some research projects involve collaboration of multiple people working on the same data set. If the data is read-only then this workflow can be easily accommodate with high level of confidentiality in the ResVault environment. The shared data can be copied into a special encrypted drive that can be mounted in any VM used by any authorized researcher to carry out their part of the work. The ResVault environment logs all accesses to the virtual drive. Thus audit logs will contain the necessary information to investigate any potential security incident.

The traditional approach of shared write access to data on file servers is inherently insecure and does not ensure compliance. As such this method of data sharing is not an option within ResVault. It must be kept in mind that many of workflows were developed a long time ago.

It is therefore important to carefully assess the need for shared write access and look for alternative workflows that accomplish the same research objectives. It must be kept in mind that many of these workflows were developed a long time ago when the cost and capabilities of computer systems and software was very different from what it is today.