Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 47 Next »

Purpose

Encryption encodes information in such a way that unauthorized parties should be unable to read it. This helps to prevent compromises to the confidentiality and integrity of your data and is a part of robust, multi-layered security approach. Whether it is a compromised desktop, or a lost mobile or storage devices, encryption ensures that your data remains accessible to only you and your team.


Audience

FACULTY RESEARCHERS ADMIN STAFF IT STAFF STUDENTS


On this page

 Expand to view table of contents.

Initial considerations

Not all encryption algorithms are the same. AES-128 bit (or equivalent) is the absolute minimum you should consider. AES-256 bit or greater is preferred.

Determine your data's classification.

  • Classifying your data is the first step to knowing what safeguards are required to securely store your data.

    • Classify data

    • Level 3 and level 4 data must be stored on a secure server or must be encrypted at rest on a laptop, mobile device, or removeable storage.

Consult with your local IT group.


What can I do?

Enable or install full-disk encryption packages.

Windows (institutionally managed).

Windows (self-managed).

MacOS (self-managed).

Linux (self-managed).

Android (self-managed).

iOS (self-managed).

Cross-platform.

Encrypt at the file or folder level.

ZIP files can be transferred across platforms.

Windows.

MacOS.

Linux.

Cross-platform.

Use a self-encrypting device (SED).

Servers.

  • Where possible, order SED storage drives and motherboards supporting Trusted Platform Module (TPM).

Storage.


  • No labels