Secure Data Management for Utility Surveys

Introduction 

The civil engineering surveying profession is often told that the new gold rush is for data, but is that data treated with the same care that would be given to gold? With building information modelling (BIM) and digital engineering increasingly becoming business-as-usual, the data collected and managed by utility surveyors is both essential and valuable. As well as being of value to the client, contractor and project operators, utility survey data can be used beneficially for research, nationwide mapping initiatives, education and training.


However, it is also of value to those who pose a threat to the commercial success of a business and to the safety of the societies we live and work in.

Data management should avoid creating unnecessary processes and costs, but should have systems and procedures in place that can be followed when appropriate. It is about being security-minded and risk aware. The Utilities and Subsurface Mapping Panel (USMP) of the Chartered Institution of Civil Engineering Surveyors (CICES) has produced this best practice guidance to highlight areas that all professional surveyors should be mindful of when conducting a utility or subsurface survey and recommended steps to consider. Professional surveyors should show leadership in highlighting potential vulnerabilities to clients. Good data management is a business advantage, and surveyors following this guidance should ensure they promote their adherence to best practice, demonstrating the value they place on a security-minded approach to data management. 


About this guidance

The guidance has been designed to cover the role of the surveyor at each stage of the survey lifecycle and it is intended that surveyors and client organisations can refer to it at any of
these stages:

■ Tendering
■ Planning and risk assessment
■ Data collection
■ Data processing and handover
■ Data storage, retention and disposal

The guidance refers to data in its widest sense from desktop utility records searches and site reconnaissance to utility detection and verification. The term 'data' includes everything from historic paper records and photographs to digital geospatial and geophysical data, such as CAD drawings, electromagnetic location (EML) and ground-penetrating radar (GPR) data, point clouds and 3D models for use in augmented reality applications.

While centred on utility surveys, the guidance will be applicable to other types of survey, especially those using mass-data capture methods such as 3D laser scanning, LiDAR and unmanned aerial systems (drones). The guidance is specifically aimed at surveyors working in the UK, but will also be of use to international surveyors in considering the many facets of data management. Client organisations may also find the guidance useful when commissioning surveys. 


Data and risk

Without appropriate measures in place, data can be easily copied, compromised through unauthorised changes, leaked or unintentionally disclosed, this is of particular concern where the data being collected is sensitive. There are three main areas of risk to consider:

■ Physical - Where? From the location of the survey site to the office where the data is processed and archived, are there any risks you need to be aware of?
■ Personnel - Who? From the individuals capturing the data on site to the processing and creating of models, to storage and exchange, are there any risks around who has access to the data?
■ Technical - What? From the equipment and software being used to capture and process the data to how it is stored and disseminated, are there any risks you should be considering?


By considering these three areas at each stage of the survey, the risks to the security of sensitive data can be managed holistically, across the project lifecycle.