Access resources tailored to your learning style
Getting Started with Dedoose
Review key features and terminology, data preparation tips, create a project and import data.
Learn More
Dedoose has not at the time as of this update provided any agency with any customer data for any reason at any time. If someone at an agency has made a legal request for customer data, we promise to use every action available to obscure, and delay this request and use all legal avenues available to reject and inform the affected user(s) of said request.
Dedoose sets up an AES (Advanced Encryption Standard)-256 CBC (Cipher Block Chaining) Encrypted SSL/TLS (Secure Sockets Layer) tunnel using a premium SSL/TLS-EV certificate. All communication following this channel is encrypted. The user is not prompted for login information until this communication channel is established. The server then provides the Dedoose client with a one way write key using RSA encryption.
The Dedoose client then applies a per user salt hashing algorithm (SHA-256) and encrypts this result with the one-way write key, RSA, to verify the user password. This means Dedoose does not store user passwords. Rather, the system stores the known result of this algorithm against the username and password and then compares that result to the result the Dedoose client sends to the server for authentication, and prevents both man in the middle attacks, as well as brute force password attacks, and, in the event our database is compromised, user passwords will not be revealed. This login system follows the security industry’s best practices and has been verified by Leviathan Security Group.
Review key features and terminology, data preparation tips, create a project and import data.
Dedoose is designed and maintained to ensure we meet the requirements of institutional and governmental human subject protections and other standards for qualitative research data in higher education. We are committed to employing the most current technologies, systems, policies, and practices to ensure your data are safe.
Dedoose is designed and maintained to ensure we meet the requirements of institutional and governmental human subject protections and other standards for qualitative research data in higher education. We are committed to employing the most current technologies, systems, policies, and practices to ensure your data are safe.
Dedoose was designed from the ground up knowing that security would need to be the foundational factor to build and provide access to a trusted academic cloud-based research platform.
Dedoose employs a set of encryption, storage, and access strategies to protect data privacy during all phases of project data movement to and from the client to Dedoose systems and all stops along the way. All data are encrypted in transit and at rest.
Cloud service technologies and security regulations are constantly evolving, and our team works continuously to ensure the Dedoose platform remains current with these changing requirements.
Dedoose systems are built and maintained to meet or exceed all international certifications for research data handling and protection. Below are various standards that Dedoose and our cloud-provider Azure have secured.
International cloud storage standards for protecting personally identifiable information.
International information security management systems standard.
National standard for protecting sensitive patient health information and patient disclosure rights.
Standards for security and risk-assessment for cloud technologies.
System and organizational control criteria for financial information and organizational cloud service data center security.
Auditing standard criteria for the design and operating effectiveness of service organization controls and process.
Compliance mechanisms for protecting EU data when transferring to and engaging in transatlantic commerce with the United States.
General legal framework for the collecting and processing personal information of individuals living in and outside the European Union.
Dedoose is committed to the protection of users’ personal information and their research data. Below are a few of our policies to ensure your safety:
Never selling, sharing, or trading your personal information or data with any 3rd parties, including any AI training services
Explicitly requiring opt in for communications, providing mechanisms for you to be able to view and export your research data, control your personal data, and permanently delete all your data, and all personal information stored in or by Dedoose
Implementing comprehensive industry-standard data security and protection standards such as SOC 2 Type 2
Embracing and meeting all certification requirements for compliance with the EU-US Privacy Shield Framework
Our ‘Your Data, Your Way’ philosophy means we will never share your project data or personal information with any third-party services or expose your data to any AI models for information gathering or training purposes.
Dedoose does not share any customer information with any 3rd party organization. We respect your rights to your data and do not access or use your data in any way without your explicit permission or justification.
Data centers managed by Microsoft have extensive layers of protection. This includes access approval, at the facility’s perimeter, at the building’s perimeter, inside the building, and on the datacenter floor. This layered approach reduces the risk of unauthorized users gaining physical access to data and the datacenter resources.
All data communication through Dedoose occurs through a 2-lock system. Dedoose sets up an AES (Advanced Encryption Standard)-256 CBC (Cipher Block Chaining) Encrypted SSL/TLS (Secure Sockets Layer) tunnel using a premium SSL/TLS-EV certificate. The server then provides the Dedoose client with a one way write key using RSA encryption.
By default, Dedoose keeps a backup of all data for restoration purposes for a period of 2 years. This data backup is encrypted using AES256. A user can delete their project from Dedoose at any time and we can remove that data permanently from our backups by a certified written request to support@dedoose.com.
Dedoose includes an account workspace and project security workspace for managing per user data access. This includes the ability for an account’s admin to manage users, enable and disable users, and define users, groups, and permissions at a granular per-project level. This security is enforced both on the client-side and the server-side.
Dedoose is hosted on Microsoft’s Azure US servers with all project data backed-up in-full on a nightly basis, encrypted using AES-256 processes, and transferred automatically to redundant storage volumes. One volume is on-site, the other two are off-site and replicated across geographic regions. All project file data are encrypted and stored in a Microsoft Azure fault tolerant storage volume. For added safety, this storage volume is encrypted and mirrored in real time to an Amazon S3 storage volume in the same geographic region.
By default, Dedoose keeps a backup of all data for restoration purposes for a period of 2 years. This data backup is encrypted using AES256. A user can delete their project from at any time and we can remove that data permanently from our backups by a certified written request if needed. To ensure these processes are working as designed, an automated program runs weekly, which includes: downloading the most recent backups from each storage volume, verification that the backup is the correct version, a full test restoration of the database to assure data integrity, and email reporting of all backup and restoration process results to key members of the Dedoose Admin team.
Dedoose includes an account workspace and project security workspace for managing per user data access. This includes the ability for an account’s administration to manage users, enable, disable users, reset user passwords, and define users, groups, and permissions at a granular per-project level. This security is enforced both on the client-side and the server-side.
Dedoose is hosted on Microsoft’s Azure US servers with all project data backed-up in-full on a nightly basis, encrypted using AES-256 processes, and transferred automatically to redundant storage volumes. One volume is on-site, the other two are off-site and replicated across geographic regions. All project file data are encrypted and stored in a Microsoft Azure fault tolerant storage volume. For added safety, this storage volume is encrypted and mirrored in real-time to an Amazon S3 storage volume in the same geographic region.
By default, Dedoose keeps a backup of all data for restoration purposes for a period of 2 years. This data backup is encrypted using AES256. A user can delete their project from at any time and we can remove that data permanently from our backups by a certified written request if needed. To ensure these processes are working as designed, an automated program runs weekly, which includes: downloading the most recent backups from each storage volume, verification that the backup is the correct version, a full test restoration of the database to assure data integrity, and email reporting of all backup and restoration process results to key members of the Dedoose Admin team.
Dedoose undergoes a variety of security and compliance related audits on the following schedules
Dedoose undergoes a variety of security and compliance related audits on the following schedules.
Upon the detection of any breach in data security, Dedoose technical staff, led by the Dedoose Chief Technical Officer, will immediately assess the size, scope, and severity of the breach.
All administrators of projects that may have been involved are then notified with the response plan.
Depending on the nature and cause of the breach, Dedoose will take appropriate action to prevent any future breach and then, to the extent reasonably practicable, restore the integrity of all affected project data.
Dedoose hosts all data within the continental U.S. Further details about this notification and response plan will be provided upon request.
