🎓 Purpose
Encryption encodes information in such a way that unauthorized parties should be unable to read it. This helps to prevent compromises to the confidentiality and integrity of your data and is a part of robust, multi-layered security approach. Whether it is a compromised desktop, or a lost mobile or storage devices, encryption ensures that your data remains accessible to only you and your team.
👥 Audience
FACULTY RESEARCHERS ADMIN STAFF IT STAFF STUDENTS
🔖 Contents
Initial considerations
Not all encryption algorithms are the same. AES-128 bit (or equivalent) is the absolute minimum you should consider. AES-256 bit or greater is preferred.
Determine your data's classification.
Classifying your data is the first step to knowing what safeguards are required to securely store your data.
Level 3 and level 4 data must be stored on a secure server or must be encrypted at rest on a laptop, mobile device, or removeable storage.
Consult with your local IT group.
Your department or division may support or recommend specific encryption solutions.
\uD83D\uDCD8 What can I do?
Enable or install full-disk encryption packages based on your Operating System.
Windows (institutionally managed).
Bitlocker.
Pre-installed but might need to be enabled.
Contact your Local IT group for support.
Windows (self-managed).
Bitlocker.
Pre-installed but might need to be enabled.
MacOS (self-managed).
Filevault.
Pre-installed but might need to be enabled.
Linux (self-managed).
Various options; distribution dependent.
Contact your Local IT group for assistance managing encryption on Linux systems.
Common solutions include:
Android (self-managed).
File-based encryption by default when lock screen enabled.
iOS (self-managed).
File-based encryption by default when lock screen enabled.
Cross-platform.
Various options.
Contact your Local IT group for assistance managing encryption through other third-party options.
Common solutions include:
Encrypt at the file or folder level.
ZIP files can be transferred across platforms.
Windows.
7-Zip.
MacOS.
Encrypted DMG (MacOS only) or ZIP files.
ZIP.
DMG.
https://support.apple.com/en-ca/guide/disk-utility/dskutl11888/mac
Scroll to “Create a secure disk image”.
Linux.
Contact your Local IT group for assistance.
Common solutions include:
Cross-platform.
Contact your Local IT group for assistance.
Common solutions include:
Use a self-encrypting device (SED) to supplement full-disk or file level encryption.
Servers.
Where possible, order SED storage drives and motherboards supporting Trusted Platform Module (TPM).
Storage.
External drives
USB keys
🔍 Search
✉️ Additional help
General
Researchers
https://security.utoronto.ca/services/research-information-security-program/