University Systems help centre
Information security
In order to help mitigate risks to information associated with physical loss or theft, computer hard drives (and other devices such as USB keys and flash drives) can be encrypted to prevent unauthorized access to information. Whole Disk Encryption (WDE) is centrally supported by University Systems and provides benefits such as encrypting an entire hard disk, central management, policy enforcement, encryption key management, and recovery.
WDE protects your files if your computer is lost or stolen. If someone tries to break into your system to retrieve files, they will not be able to access the computer as long as they do not have your passphrase. This is most useful for laptop computers and desktop systems with confidential data.
WDE is limited to protecting the files while they are on your computer. It does not provide encryption to files that are:
- sent via email;
- kept on a separate flash drive/thumb drive/USB drive/floppy disk (which was not explicitly encrypted with WDE); or
- moved over the network via shared folders.
When you move an encrypted file off of your computer, it is no longer encrypted. If an encrypted computer is left unattended while the user is logged in, the files are accessible and the data is not protected.
The best protection of university data from physical loss or theft is to avoid storing it on a computer, smart phone, or USB device.
Note: PGP was the recommended Whole Disk Encryption software until 2013. The PGP service is no longer available. If your computer does not meet the system requirements to use the currently recommended encryption software above, please contact the Computer Help Desk for alternative options.
Notice for travellers: This software contains encryption technology, which is restricted in some countries. Some countries may require a permit to bring encrypted devices into the country. University Systems recommends that any persons planning on travelling to a foreign country with an encrypted device should contact prior to departure. |