How do I recover user group data from a user who left the institution?
Prevention
You must prevent this scenario from the beginning. To do that, several precautions may be taken:
- Have all users sign a contract with the institution that includes a data protocol in case the user leaves the institution.
- Make sure users accept the T&C's that pop up when they log into tiCrypt.
- Designate an
encrypted drive
for the group members who will transfer their findings at the end of the research.
Key Recovery
If it is the case that a user has left the institution without following the data guidelines
, you may consider recovering the user's private key via the escrow mechanism.
To recover a user's private key:
- Contact the escrow users groups from your institution.
- The escrow users will come together each having a part of the user's private key and hand it to the site-key admin.
- The site-key admin will digitally sign the escrow key.
- Once the private key is recovered, the escrow team will sync with a super-admin to re-login into the system.
- The user group data will be shared with the super-admin in the vault or transferred into a super-admin-owned virtual machine.
- Optionally you can download the user data to a secured offline local machine or a thumb drive.
Additional Actions
- Ask the user for their
private key password
so that an admin can log in and transfer the data to a securedencrypted drive
. - Request a data transfer from the user based on the institution's
legal guidelines
for handling the data. - If no cooperation is agreed upon, open a legal dispute with the user to the level that allows recovery of the data.