The security of your data is its protection from unauthorised access. Legal, ethical, and institutional requirements are usually placed on research projects in addition to your own desire for data security.
The European General Data Protection Regulation (GDPR) protects personal data by defining which aspects are especially sensitive and how researchers and other people can collect or manage such data. While it is European in nature, it applies for foreign researchers working with European data. The Swiss Federal Act on Data Protection (FADP) also applies to researchers based in Switzerland and Swiss subjects abroad.
Your research data management and storage solutions must also respect your contractual requirements. Projects funded by the Swiss National Science Foundation (SNSF) or the European Research Council (ERC) must follow their guidelines. If you use data from a third party, your contract may also include an NDA or additional conditions requiring specific security measures regarding data storage and access.
More ethical aspects
Additional requirements are set by different ethical codes that may apply to your research field. The Research Ethics page created by the Research Office will help you understand them. Beyond human subjects, ethical issues can also make you wary regarding data such as geolocated information on the last specimens of an endangered species that may be targeted by poachers.
Case 1: No personal or sensitive data
Great! Do as you want! No storage solution is excluded for security reasons.
Case 2: Personal data that is not sensitive
If you plan on using cloud services, note that major players are GDPR-compliant, but this still requires you to provide your subjects with informed consent about the storage solution. Outside cloud services, you should be fine as long as you do not publish personal information.
Case 3: Sensitive data
Data about religious, political, sexual, medical, or other sensitive issues requires special care: