In her own words: A Data Scientist gives Tips on Data and Internet Security for Researchers
Image Credit: Kavengi Kitonga
Author: Kavengi Kitonga
In July 2024, Kavengi Kitonga, a 2021 Mawazo Fellow, and the Mawazo Institute’s Tech team, took the 2023 Mawazo Fellows through a live Micro Course on Data and Internet Security. Below are excerpts of some of the advice she shared with African PhD researchers.
The number one lesson for every researcher is that security starts with you. Data and internet security knowledge is critical for researchers as data forms the crux of the research process, without which subsequent research processes such as data preprocessing, analysis, results reporting, and ultimately journal preparation cannot proceed. This is especially true for many researchers who undertake their own data collection.
Even in cases where researchers can access online datasets, they still must engage in tasks such as data processing, preparation and analysis. These tasks more often than not run into hundreds if not thousands of lines in scripts. As a significant amount of time is taken in preparing these scripts the loss of such data can be devastating in your research journey.
Data security is also important from a cost perspective. Data collection is a costly process that often runs into thousands of dollars, meaning any loss of data has huge cost implications, as projects cannot afford a revisit.
Research and the internet are two peas in a pod. As researchers constantly engage with the internet, be it through online collaborations, downloading online resources or engaging in numerous online forums, internet security becomes paramount. Internet vulnerabilities may penetrate personal computers, potentially exposing researchers to numerous challenges such as data loss and data privacy breaches.
With increased online presence, it is not hard for personal information to be gleaned to curate a believable scam. With such scams, deception becomes a real possibility with continued correspondence as questions become increasingly intrusive and suspicious. Intrusive questions may relate to confidential information such as requiring the researcher to submit bank information via a 'link'.
“Common scams include emails from predatory or even non-existing journals inviting the researcher to submit a publication.”
Such scams may be easily avoidable as they may address a yet to be doctoral candidate as 'Dr'. Also a quick search on the 'journal' can reveal its non-existence or a dubious site.
Some scams may pretend to invite the researcher to a conference. Such scams are not easily discoverable at first look, as they may be personalized to the extent of quoting recent publications by the researcher, affiliation etc. Such information on researcher details can be accessed on LinkedIn, institutional websites, and Mawazo.
The most important thing to note is that it can happen to anyone as the scams can become very personalized, appealing to the ego or desire to be appreciated. Granted recognition in itself is not a bad thing, however scammers can capitalize on this desire to defraud young researchers trying to build their name.
A good starting point would be to integrate it into research methods courses, or better yet introduce a course dedicated to data and internet security, similar to Mawazo’s MLEx Micro Course. Given that data forms the crux of research and researchers are constantly on the internet, such a course is imperative.
“Universities and research institutions could do a lot to encourage and support researchers to improve their data and internet security.”
Even for disciplines in which primary data collection is not mandatory, data security remains important since data is not only what was collected in the field but also encompasses scripts documenting methodology, proposals, and manuscripts.
For such courses to be effective, however, they need to be holistic, addressing security at each phase of the data life cycle: planning, collection, pre-processing, and analysis.
Whereas internet security does not possess a precise life cycle as such , a holistic application here would encompass the range of vulnerabilities, which in this age of AI, requires a dynamic up-to-date approach. Knowledge of internet security regardless of domain remains imperative as researchers are constantly on the internet.
Kavengi Kitonga is a 2021 Mawazo Fellow and a PhD candidate in the Department of Agricultural Economics at the University of Nairobi, Kenya.