Protecting data

Everyone has an interest in protecting their own data. That does not only apply to your personal details, but also to the information you work with. If, for example, you are conducting a study, you obviously do not want that data to become public before you yourself have published them. You must also protect the details of other persons you record for your research. Therefore you should take the following measures to protect data yourself.

Practical measures

The following measures are obvious and easy to take:


Encryption is a technical tool to protect data. We advise using encryption when recording research data. But it can also be used for other data.

You can encrypt your website or information in various ways. The most commonly used forms of encryption are certificates. This ensures that the information flow between website and browser can not be seen. Any employee or student with a website located on our network or under can apply for a certificate. Click on the links below.

  • Encrypted transport of files

    To transport large files over the network, you can use the SURFfilesender service. Do not forget to set the checkmark at "Encrypt this file".

  • Send encrypted emails

    If you wish to protect the privacy of an email message, you can encrypt it. There is one restriction: attachments must not exceed 25MB. If you need to send larger files, it is best to use Filesender.

    When you encrypt an email message in Outlook, the legible, plain text is converted into code. Only the addressee with a private key belonging to the public key used to encrypt the message can decrypt it. Any addressee who does not have the corresponding private key will only see coded text and will not be able to decrypt it. Two steps are needed to encrypt an email in Outlook, first setting up a private key and then indicating you want to encrypt the message. You can also opt to encrypt all outgoing email messages but you will then need to exchange the public keys with all recipients. The two steps are as follows:

    1. requesting a key; (go to requesting personal certificate)

    2. encrypting the email. 

  • Encrypting files

    It is wise to encrypt files with sensitive data to prevent data leaks occuring in the event of loss or theft. The best way is to encrypt the entire hard disk or USB stick. When encrypting a single file, there is a high probability of errors or that an application leaves (parts of) the file unencrypted on your hard disk.

    If you want to encrypt a single file, use GPG. This is the only way you guarantee that the file is encrypted both during storage and transport.

  • Encrypting a hard disc/device

    In case you forget to encrypt sensitive data, you can also encrypt the whole storage disc. Both Windows and Apple computers (hard drive and USB) have this option, as do Android devices, iPads and iPhones.


    1. enable Bitlocker in Windows 10 by going to Configuration; 
    2. type bitlocker in the search bar and press Enter; 
    3. click on Manage Bitlocker and click to activate Bitlocker. 


    1. select the Apple menu > 'System Preferences' and click on 'Security and Privacy'; 
    2. click on the tab 'FileVault'; 
    3. 2 click on the Lock button and enter the admin's name and password; 
    4. click on 'Enable FileVault'. 


    1. make sure that a screensaver with a PIN or password has been set on the device; 
    2. in Settings, select the option Security > Encrypt Device. (On some phones, you will need to choose Storage > Storage encryption or Storage > Lock screen and security > other security settings to find the 'Encrypt' option); 
    3. follow the instructions shown on the screen. During the encryption process, the device may restart several times. 

    Ipad and Iphone: 

    1. activate a PIN or password. If your device has a Touch-ID fingerprint scanner, use that option; 
    2. as soon as you have set a PIN, the entire contents of your Iphone will be encrypted.