Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Purpose
Encryption encodes information in such a way that unauthorized parties should be unable to read it. This helps to prevent compromises to the confidentiality and integrity of your data and is a part of robust, multi-layered security approach. Whether it is a compromised desktop, or a lost mobile or storage devices, encryption ensures that your data remains accessible to only you and your team.
Audience
Status | ||
---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
Status | ||||
---|---|---|---|---|
|
On this page
Expand | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||
|
Initial considerations
Note |
---|
Not all encryption algorithms are the same. AES-128 bit (or equivalent) is the absolute minimum you should consider. AES-256 bit or greater is preferred. |
Determine your data's classification.
Classifying your data is the first step to knowing what safeguards are required to securely store your data.
Level 3 and level 4 data must be stored on a secure server or must be encrypted at rest on a laptop, mobile device, or removeable storage.
Consult with your local IT group.
Your department or division may support or recommend specific encryption solutions.
What can I do?
Enable or install full-disk encryption packages.
Windows (institutionally managed)
.Bitlocker.
Pre-installed but might need to be enabled.
Contact your Local IT group for support.
Windows (self-managed)
.Bitlocker.
Pre-installed but might need to be enabled.
MacOS (self-managed)
.Filevault.
Pre-installed but might need to be enabled.
Linux (self-managed)
.Various options; distribution dependent.
Contact your Local IT group for assistance managing encryption on Linux systems.
Common solutions include:
Android (self-managed)
.File-based encryption by default when lock screen enabled.
iOS (self-managed)
.File-based encryption by default when lock screen enabled.
Cross-platform
.Various options.
Contact your Local IT group for assistance managing encryption through other third-party options.
Common solutions include:
Encrypt at the file or folder level.
Info |
---|
ZIP files can be transferred across platforms. |
Windows
.7-Zip.
MacOS
.Encrypted DMG (MacOS only) or ZIP files.
ZIP.
DMG.
https://support.apple.com/en-ca/guide/disk-utility/dskutl11888/mac
Scroll to “Create a secure disk image”.
Linux
.Contact your Local IT group for assistance.
Common solutions include:
Cross-platform
.Contact your Local IT group for assistance.
Common solutions include:
Use a self-encrypting device (SED).
Servers
.Where possible, order SED storage drives and motherboards supporting Trusted Platform Module (TPM).
Storage
.External drives
USB keys
Page Properties | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||
|
Search
Live Search | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Additional help
General
Researchers
https://security.utoronto.ca/services/research-information-security-program/
Related articles
Filter by label (Content by label) | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|