Data Security
University data are maintained and represented in various forms including electronic storage, screen display, and printed copy. Each member of the University has an obligation to safeguard University data to ensure their confidentiality, integrity, and availability. University confidential data should be stored or transported on mobile computing devices or media (e.g., laptops, tablets, flash drives, CD-ROM, DVD) only as needed to conduct University business. When confidential data are stored on such devices, the data should be protected from disclosure in the event of device/media loss using commercially available data encryption products.
The most effective means of complying with the University Data Policies is to not store sensitive data on mobile devices or media. Instead, secure remote access protocols such as Remote Desktop or Secure Shell (SSH) can be used to connect to a University server or your office workstation where University confidential information is stored.
If you would like to read the University's official data policy, it can be found here.
Full Disk Encryption
| Vendor | Utimaco | PGP Corporation | Guardian Edge | Microsoft |
|---|---|---|---|---|
| Product | SafeGuard Easy Hard Disk Encryption | PGP Whole Disk Encryption | Hard Disk Encryption | BitLocker Drive Encryption |
| Price* | $240 | $140 | $140 | Included |
| Compatibility | Windows | Win XP, SP1, SP2, 2000, SP4, Mac OS X 10.4 |
Windows | Windows Vista Ultimate and Enterprise |
| Encrypts the entire hard drive | Yes | Yes | Yes | No - Boot partition not encrypted |
| Encrypts temporary, swap and hibernation files | Yes | Yes | Yes | Yes |
| System supports multiple drive partitions | Yes | Yes | Yes | No |
| System shall be able to encrypt removable devices | Yes | Yes | Yes | No |
| System must be FIPS 140-2 compliant |
Yes | Yes | Yes | Yes |
| System must use the Advanced Encryption Standard (AES) algorithm with 128 or 256 bit key capability | AES-128/ AES-256 |
AES-256 | AES-128/ AES-256 |
AES-256 |
| System must support secure login using system facility (prompt for a password at boot) | Yes | Yes | Yes | Yes |
| System must allow different users to authenticate to a single shared hardware device (different user profiles) | Yes | Yes | Yes | Yes |
| Provides password recovery option | Yes | Yes | Yes | Yes |
* Quoted price; be sure to check for volumes discounts.
File Encryption
| Vendor | Product | Description | Compatibility | Price | |
|---|---|---|---|---|---|
| Microsoft | Encrypting File System | Windows | Free | ||
| TrueCrypt Foundation | TrueCrypt | Windows Linux | Free | ||