Guidelines for using confidential data

Prerequisites:

1. A working device connected to the internet
2. Installed DigiDoc4 and other ID-card related software, see www.id.ee
3. The computer recognises the ID-card

Palo Alto VPN Installation Guide

1. Go to https://vpn-ext2.rmit.ee in your web browser and log in using your ID-card

2. Download the GlobalProtect Windows client

3. After successful download, install GlobalProtect on your Windows device

For more information, please refer to the Palo Alto documentation at  https://docs.paloaltonetworks.com/globalprotect/6-2/globalprotect-app-user-guide/globalprotect-app-for-windows

Once installed, open the GlobalProtect client and enter vpn-ext2.rmit.ee as the portal, then click 'Connect' and log in using your ID-card

For more information, please consult the Palo Alto documentation (user guide also available here) at https://docs.paloaltonetworks.com/globalprotect/6-2/globalprotect-app-user-guide/globalprotect-app-for-mac

Once installed, open the GlobalProtect client and enter vpn-ext2.rmit.ee as the portal, then click 'Connect' and log in using your ID-card

For more information, please refer to the Palo Alto documentation at https://docs.paloaltonetworks.com/globalprotect/6-2/globalprotect-app-user-guide/globalprotect-app-for-windows

Using the research work environment requires two-factor authentication, so in addition to authenticating with an ID-card over the VPN, you will also need to authenticate with the research environment username and password.

The password can be changed on the researcher portal at https://teadus.rmit.ee/. Log in with your username and password. Click Reset Password to change the password.

Create a new password and click Submit. The message "Your password has been successfully changed" will indicate that the password has been changed. Click OK.

Password requirements

• A password is valid for 180 days, after which you are prompted to change it when logging in
• The last 6 passwords are stored – this means recently used passwords cannot be reused
• The password must be at least 12 characters long
• The password must contain upper- and lower-case letters and numbers
• The password must not contain a username or easily derivable sequences (e.g. qwerty, 12345, etc.)

If upon login the password is entered incorrectly for five consecutive times, the account is locked for 3 minutes.

Changing a temporary password

N.B. Before logging into the RDP research work environment for the first time, the temporary password must be changed, as you cannot log in with a temporary password.

To change your temporary password, log in at https://teadus.rmit.ee/ with your username and temporary password. Click the link here to change the password.

Create a new password and click Submit. The message "Your password has been successfully changed" will indicate that the password has been changed. Click OK.

In order to log into the RDP research work environment, an active Secure VPN connection authenticated with an ID-card must be established.

To enter the research work environment, open the file named SA-Teadus.rdp, available for download  here:

In the modal window that opens, enter your username in the format teadus\forename.surname and password*. Click Continue.

A security warning window appears. As this is a secure server, you can continue logging in by clicking Continue.

N.B. It takes up to 2 minutes to log into the research work environment.

You are logged in when you see the research work environment desktop.

*Before the first login to the RDP research work environment, you need to change your temporary password, as this cannot be used to log in (see chapter “Password change, incl. temporary password change before first login to RDP (macOS & Windows)”)

In order to log into the RDP research work environment, an active Secure VPN connection authenticated with an ID-card must be established.

To enter the research work environment, open the file named SA-Teadus.rdp, available for download here:

A security warning window appears. As this is a secure server, you can continue logging in by clicking Connect.

In the modal window that opens, enter your username in the format teadus\forename.surname and password*. Click OK**.

N.B. It takes up to 2 minutes to log into the research work environment.

You are logged in when you see the research work environment desktop.

*Before the first login to the RDP research work environment, you need to change your temporary password, as this cannot be used to log in (see chapter “Password change, incl. temporary password change before first login to RDP (macOS & Windows)”)

**If the login fails and you instead see the error message “This computer can’t verify the identity of the RD Gateway „sa.teadus.rmv“…”, you need to install the certificate certification-for-pc.cer, available for download here: https://pilv.rmit.ee/s/xZWLefGiNniTy7w. For more detailed instructions on how to install the certificate, see chapter “Installing the certificate before first use of the RDP research work environment”.

To install the certificate, download the file named certificate-for-pc.cer and save it to your computer's hard drive. You can download the file here:

Open the file by double-clicking on it and in the modal window that appears, click Install Certificate.

The Certificate Import Wizard opens. Select Local Machine and click Next.

In the modal window that appears, select “Place all certificates in the following store” and click Browse.

In the modal window that appears, select Trusted Root Certification Authorities and click OK.

In the modal window that appears, click Next and then Finish.

Wait until you see the message “The import was successful”.

Try logging into the RDP research work environment again (see chapter “Logging into the RDP research work environment (Windows)”).

Your session starts when you log into the research work environment.

A session means that a computer in the research environment keeps your named account active and provides you with computing resources to do your work.

If you are not working, please log out of your account (Start menu → Your Name → Sign out), i.e. terminate your session to free up resources for other users.

Disconnecting means that the session remains running but the connection between your computer and the RDP research work environment is terminated.

You can disconnect by closing the RDP window by clicking the cross in the upper right corner or by selecting Start menu → Power → Disconnect. You will also be disconnected if you have been inactive for 15 minutes.

Disconnecting allows you to walk away from your computer and leave the software running in the RDP research work environment in order to come back later and resume the same session.

N.B. If your session remains active but you do not reconnect within 48 hours, the session will terminate automatically, and you will lose your unsaved work.

• Acrobat Reader
• Anaconda
• QGIS
• EUROMOD
• SPSS
• STATA
• R
• LibreOffice
• Notepad ++
• Jupyter Notebook
• Spyder
• PyCharm
• Python

Only a limited number of users can simultaneously use SPSS. In case of any problems, please notify Statistics Estonia’s contact person.

If you need to install additional packages or any other freeware, please notify Statistics Estonia’s contact person.

The RDP research work environment is connected to Statistics Estonia’s Intranet, there is no access to the Internet.

Structure of folders

The research data folders and the users’ personal folders are stored on the drives This PC > Data_Terminal (T:) and This PC > Data_Local (L:) (the precise location will be delivered to the users along with the password), located on Statistics Estonia’s server.

The drives contain the following folders:

• PROJEKTID – the users’ personal folders arranged by project for storing intermediate research results;
• SAADA – for storing the files that the user wishes to receive;
• UURINGUD – for research data and metadata.

Folder “PROJEKTID”

• The subfolders in this folder include projects for which an agreement on the use of confidential data has been signed. The title of a given subfolder contains the abbreviated form of the name of the agency having applied for the use of data, a word characterising the relevant project, and agreement number (e.g. TY_NAME_16).
• In the folder of each specific project, there are the personal folders of the users related to the particular project, and the folder “YHIS.”
• Personal folders can be accessed only by the relevant user, while the folder “YHIS” can be accessed by all users working on the same project.
• The folder “YHIS” can be used by the members of the project team for exchanging files. A researcher's own files, which he or she wishes to use in a secure computing environment, are placed in this folder (see chapter “Sending files necessary for work”).

N.B. Intermediate research results are to be stored in the folder “PROJEKTID”, not the My Documents folder or on Desktop. Files in a folder other than “PROJEKTID” will be deleted. Backup copies are made of the “PROJEKTID” folder.

Folder “UURINGUD”

This folder has survey-specific subfolders, the titles of which contain the name of the survey or an abbreviated form thereof (e.g. REL 2011 – data of the 2011 Population and Housing Census). Under every survey, there are the following subfolders:

• META – descriptions of the survey databases, questionnaires, methodology specifications, other necessary metadata;
• CSV – survey datasets in CSV format; 
• TXT – survey datasets in text format;
• SPSS – data of the respective survey in the SPSS format;
• STATA – data of the respective survey in the STATA format.

All databases might not be available in all formats.

The user has access only to the survey databases which are, according to the agreement signed, necessary for the particular project.

The user has only the right to read the material in the folder. Any file where the user wishes to insert changes should first be copied into the user’s own folder or into the folder “YHIS”.

What is a result?

A result can consist in frequency or volume tables, the results of a statistical test, regression analysis and other statistical analyses, figure, or any other type of text (e.g. an analysis or scientific article).

• A frequency table contains the results of object enumeration, ordered by background characteristics.
• A volume table contains totals, indexes, and ratios, calculated based on the individual data of some objects and ordered by background characteristics.
• A figure (graph) is the result together with the table it is based on.

A frequency or volume table that is sent for reviewing can be multidimensional and hierarchical. A table can contain up to 2,000 cells, a text document can be up to 10 pages long. A raw data file does not constitute a result.

Saving a result for reviewing 

Statistics Estonia’s employees are able to review a maximum of 25 tables or figures per month. In order to have a result reviewed and sent to you, you will need to save the final non-confidential results (those which preclude indirect identification, i.e. are public) to the folder “SAADA” (see the rules in the section “Rules of statistical disclosure control”).

The result is to be submitted as a LibreOffice or Microsoft Office file. To save in Microsoft Office format, select Save As in LibreOffice and in the File Type window select the appropriate Microsoft Office format. The result needs to be supplemented with sufficient explanations, so that it would be clear which characteristics have been used in the analysis and in which way. The headings of rows and columns cannot be codes but need to be the actual names of characteristics (see Annex 1 – “Example of correctly formatted results”). If you still wish to use codes in the interest of brevity, the meaning of the codes is to be added as a separate table.

Results that you wish to have sent to you need to be copied or saved to the folder “SAADA.” The name of the result needs to feature an identifiable project name and the name of the user, so that it would be clear to whom the result is to be sent.

Once an hour, the files saved to the folder “SAADA” are transferred to Statistics Estonia’s server, after which the folder “SAADA” is emptied (files currently open are not transferred). In order to avoid any problems, keep a copy of the file in your personal folder as well. The file containing the program code will not be reviewed by Statistics Estonia’s employees and the file will be made available to the user only if it does not contain the result. If you have accidentally copied a wrong file to the folder, please notify Statistics Estonia at microdata [at] stat.ee (microdata[at]stat[dot]ee) and the specialists of Statistics Estonia will not review the file.

Rules of statistical disclosure control

Before making a result available to the user, Statistics Estonia’s employees will check whether the content of the result meets the confidentiality requirements and apply disclosure control methods.

• In frequency tables containing personal data, frequencies 1 and 2 are confidential if they characterise a sample consisting of fewer than 2,000 persons. In the case of personal data of special categories, frequencies 1 and 2 are always confidential.
• Tables which contain aggregate data on economic units may not contain figures which have been calculated based on the raw data of one or two units.
• A table of aggregates may not have the value of one economic unit dominate a cell value, i.e. the share of the value of the largest unit in the figure presented in the cell may not exceed a certain percentage. The employees of Statistics Estonia will check the dominance criterion. Therefore, each aggregate table needs to be accompanied by a table with an analogous structure, containing the data of the largest unit of each cell in the aggregate table.
• The minimum and maximum of the raw data are confidential and cannot be included in the result. The quantiles (median, quartiles, deciles, percentiles, etc.) may be confidential if found on the basis of a small number of units.
• The salvage values of regression analyses and the figures of salvage values will not be published.

Making results available

Generally, a result will be sent to the user’s email address within three working days. In the case of extremely bulky files, the reviewing process may take up to ten working days.

According to the agreement of using confidential data, the user shall grant the publication of the result in a way which precludes the identification of a statistical unit.

Table 2. Regression analysis

The REG Procedure

Model: MODEL1
Dependent Variable: REG_MAKS

Explanation of characteristics

REG_MAKS – regular payments made to another household
Maakond37 – Harju county
Lk_tyyp_2 – one-member household with the member aged under 65
Lk_tyyp_4 – two-member household with both members aged 65 or over
Eltyyp_4 – apartment or a room in a residential building with fewer than 10 dwellings
Toimetulek_1 – household is having great difficulties with coping in terms of expenses
Arvuti –  household has a computer

After finishing work, please log out of the RDP research work environment using the Sign out command to free up computing resources for other users. If for some reason it is not possible to log out via the Start menu, you can alternatively use the key combination CTR+ALT+END (Windows) or CTRL+OPTION+BACKSPACE (macOS) and select Sign out from the view that opens.

If you wish to obtain a copy of your personal files necessary for work, send them to the address microdata [at] stat.ee (microdata[at]stat[dot]ee), specifying which project folder and which user folder the files need to be copied to. You can also have the files copied into the folder "YHIS". If a file with the same name already exists in the folder, it will be overwritten with the newer file.

For any problems, questions, or suggestions, please call +372 625 9300 or email stat [at] stat.ee (stat[at]stat[dot]ee)