- Created by Michael Laurentius, last modified on Mar 26, 2024
You are viewing an old version of this page. View the current version.
Compare with Current View Page History
« Previous Version 51 Current »
Purpose
Encryption encodes information in such a way that unauthorized parties should be unable to read it. This helps to prevent compromises to the confidentiality and integrity of your data and is a part of robust, multi-layered security approach. Whether it is a compromised desktop, or a lost mobile or storage devices, encryption ensures that your data remains accessible to only you and your team.
Audience
FACULTY RESEARCHERS ADMIN STAFF IT STAFF STUDENTS
On this page
Initial considerations
Not all encryption algorithms are the same. AES-128 bit (or equivalent) is the absolute minimum you should consider. AES-256 bit or greater is preferred.
Determine your data's classification.
Classifying your data is the first step to knowing what safeguards are required to securely store your data.
Level 3 and level 4 data must be stored on a secure server or must be encrypted at rest on a laptop, mobile device, or removeable storage.
Consult with your local IT group.
Your department or division may support or recommend specific encryption solutions.
What can I do?
Enable or install full-disk encryption packages.
Windows (institutionally managed)
Bitlocker
Pre-installed but might need to be enabled.
Contact your Local IT group for support.
Windows (self-managed)
Bitlocker
Pre-installed but might need to be enabled.
MacOS (self-managed)
Filevault
Pre-installed but might need to be enabled.
Linux (self-managed)
Various options; distribution dependent.
Contact your Local IT group for assistance managing encryption on Linux systems.
Common solutions include:
Android (self-managed)
File-based encryption by default when lock screen enabled.
iOS (self-managed)
File-based encryption by default when lock screen enabled.
Cross-platform
Various options.
Contact your Local IT group for assistance managing encryption through other third-party options.
Common solutions include:
Encrypt at the file or folder level.
ZIP files can be transferred across platforms.
Windows
MacOS
Encrypted DMG (MacOS only) or ZIP files.
ZIP
DMG
https://support.apple.com/en-ca/guide/disk-utility/dskutl11888/mac
Scroll to “Create a secure disk image”.
Linux
Contact your Local IT group for assistance.
Common solutions include:
Cross-platform
Contact your Local IT group for assistance.
Common solutions include:
Use a self-encrypting device (SED).
Servers
Where possible, order SED storage drives and motherboards supporting Trusted Platform Module (TPM).
Storage
External drives
USB keys
Search
Additional help
General
Researchers
https://security.utoronto.ca/services/research-information-security-program/
Related articles
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
- No labels