Secure Survey Tools
Secure alternatives to commercial survey forms
Problem
A client is concerned about the current survey tool used by their organization and is requesting our advice on a secure, alternative survey tool.
Solution
Questions to understand the client’s context and needs:
- Where are you based?
- What survey tool are you currently using? Does this solution have any special feature you need?
- Is the form sent via email or is it posted in a website or social media page?
- Do you need to create complex surveys, or do you just need to make decisions on dates and on single questions?
- Do you have your own server? Would you prefer an option hosted on your server or a third-party solution?
- Is your main concern related to how the data is collected and transferred, or are you worried about how it is stored as well? Are you worried about privacy, data leakage, compliance with standards or norms?
- Have you experience any kind of attack related to the current survey mechanism used? A suspicious message? An attempt to compromise accounts?
- Is there any standard or regulation the organization should comply with (GDRP, PCI, HIPAA, etc.)?
Recommended open source tools
-
LimeSurvey is a fully-featured open source survey tool. It can be a bit complex to learn how to manage it, but their official documentation is pretty complete. It can be self-hosted or surveys can be created in LimeSurvey’s own platform by registering an account. When setting up a survey on LimeSurvey’s platform, users can choose to host it in Germany, Canada, USA, Australia, or the United Kingdom.
- LimeSurvey user guide
- Video tutorial: Create An Effective Online Survey and Questionnaire in LimeSurvey
- If the client is using LimeSurvey’s own platform, they can use templates to prepare their first survey.
If the client owns a server and has the capacity to manage it, they can install and set up LimeSurvey in their own server. This is a little more complex to set up, but will give them the benefit of having full control of the data and how it is handled. This solution includes some further security settings that can be useful: for example, the software can run within a docker container to isolate the instance, or results can be saved in an external upload directory.
- Instructions for installing a self-hosted instance of LimeSurvey
- More information on the docker image can be found here
Tools for simple polls
-
Framadate is a free and open source tool for planning appointments or making decisions on a single topic. It is developed by the French free software association Framasoft. No registration is required. Framadate can be self-hosted or used on one of the self-managed platforms that host it.
- Framasoft’s platform (France)
- Disroot’s platform (Netherlands)
- Instructions for self-hosting
- Framadate can also be run as an app within Sandstorm (see Article #282: Recommendations on Secure File Sharing and File Storage for more details on Sandstorm).
-
Croodle is a web application to schedule a date or to do a poll on a single general topic. Stored content data like title and description, number and labels of options and available answers and names of users and their selections is encrypted/decrypted in the browser using 256 bits AES. Croodle can be self-hosted or used on Systemli’s platform.
Commercial tools
NOTE Regarding other commercial tools, please explain to the client the implications of using a commercial service:
- The data will be saved in a server owned by a third party who needs to comply with the authorities.
- The implications for the data retention and privacy policy.
-
How the data is stored and handled (is it encrypted? Who has access to the data?).
-
Using an online service like Survey Monkey is fine as long as the client is aware of the amount of trust they are putting on them. It is important to review the privacy and data retention policies. Overall, Survey Monkey is serious about privacy and is not selling data to third parties, but they still own the data and will hand over this data to the police if they receive a subpoena.
In order to get information about how the data is stored and handled, recommend that the client check Survey Monkey’s security statement.
-
If the client is using Google Forms, we should raise the same concerns as with any other commercial service regarding the risks connected to the storage of data in third-party servers and the obligation for the company to hand over data to authorities in case they receive official requests by the police or other authorities.