Revisions allow you to track differences between multiple versions of your content, and revert back to older versions.
At the Michigan Education Data Center, we know your goal as a researcher is to crunch the numbers and offer insights that will improve lives. We strive to support researchers throughout the life of their research project. Below are just some of the ways we strive to serve.
Research Proposal Development
Record Matching Overview
Data Security Guidelines
Data made available through the Michigan Education Research Institute describe Michigan's children. It is critical that researchers keep data security at the forefront during every stage. Before submitting a research application, researchers should review these guidelines and work with their institution's IT and data security experts to make sure best practices are followed.
Authentication and authorization are two major components of data security. Authentication is the act of ensuring the person accessing the data is who they say they are. User IDs, passwords and two-factor authentication are all part of the authentication process. One reason we discourage the use of cloud storage solutions such as Box and Dropbox for storing and accessing MERI data is anyone with an email can create an account. Universities and NGOs have rigorous standards to meet before accounts are issued. This ensures each person has one (and only one) account. Without this, account-sharing or switching becomes a concern because it defeats the purpose of authentication! A strong research application may look something like this:
All project team members will access data with a University of Florin user account. The University of Florin uses Windows Active Directory to track and manage user accounts and requires a two-factor authentication step when logging onto U of Florin servers. When off-campus, users will connect to the U of Florin virtual private network (VPN) to access data.
Authorization is the act of ensuring the authenticated person has permission to access the data. The vast majority of authenticated users at an institution are not authorized to access the MERI data because they are not listed on the approved research application! Folder permissions are commonly used as an authorization mechanism. Researchers need to enlist IT staff to development an authorization (permissions) scheme before finalizing a research application. These plans should address the following questions. Who will be responsible for adding and revoking user access? How often will user access be reviewed and updated? What procedures will be followed when a project member departs? A strong research application may look something like this:
U of Florin IT staff will establish a limited-access project directory on network servers to hold MERI data. Only users identified in our research application and the necessary U of Florin systems administrators will have access to these directories. Access requests for new users will managed and requested by the principle investigator and lead project manager. Access for departed team members will be revoked within a week of departure. Access lists will be reviewed quarterly for omissions.