Encryption Options
In the course of our work it can be necessary or required to secure sensitive data. For information on what constitutes sensitive data at the University of Alaska refer to the “Data Classification Standards: Categories” in university regulation (R02.07.094 [doc]). Keep in mind the list of options below is not exhaustive but some of the common ways available on Mac and PC systems. Additionally OIT’s Knowledge Base contains much of this information for university supported software. https://knowledge.alaska.edu
IMPORTANT: ENCRYPTED DATA WILL BE LOST IF YOU LOSE OR FORGET YOUR ENCRYPTION PASSWORD/KEY.
The weakest link in encryption is often the password. Be sure to use a complex password
that is difficult to guess, but easy to remember so you don't have to write it down.
If you do write your password down, be sure you store it securely where others would
never find it. University regulation (R02.07.051.J [pdf]) requires you ensure your
supervisor or other authorized individual has access to any university device, file
or information you encrypt via a technical or procedural means.
A note on encryption etiquette, if you receive an encrypted document you should maintain the level of security the sender applied to it. In other words only decrypt it when working with the document and do not store it unencrypted.
Encryption Tools:
| Platform | Tool | What it does | Web sites for more information | Notes |
| Microsoft Office (Windows) | Microsoft Office 2003 and later | Encrypts and password protects MS Office files | Refer to "Help" in MS Word, Excel, PowerPoint, etc. | Available on Microsoft Office 2003 and later (PC only) |
| Microsoft Office 2011 (Mac OS 10.5.8 or later) | Microsoft PowerPoint 2011 | Encrypts and password protects PowerPoint files | Office: Mac Website | Microsoft Office 2011 for Mac allows encryption for PowerPoint presentations only. Excel spreadsheets and Word docs can be password protected but not encrypted. |
| Adobe Acrobat (Multiple Platforms) | Adobe Acrobat Pro 8, 9, X | Password protect and encrypt PDF documents |
Acrobat Pro 8 Acrobat Pro 9 Acrobat Pro X |
You can limit access to a PDF by setting passwords and encrypting document contents. Optional metadata encryption is also available to prevent document info from being discovered by search engines. |
| Windows 7 and Vista | BitLocker | Whole disk encryption |
Microsoft's web site Video instructions |
Encrypts data on a hard drive and portable drives. Must be activated by someone with administrator privileges in order to be used. |
| Windows XP | Windows Encrypting File System (EFS) | File and folder encryption |
Microsoft's web site Video Instructions |
Windows XP is no longer supported. Please contact the Support Center for help migrating to a newer Windows OS. |
| Mac OS 10.7 - 10.9 | FileVault 2 | Encrypts entire hard drive | Apple's web site | Update of FileVault (see below) that allows encryption of the entire hard drive. Allows migration and use of home directories encrypted with earlier versions of FileVault; however, you will not be able to turn on FileVault2 at the same time. |
| Mac OS 10.4- 10.6 | FileVault | Encrypts entire home directory |
Apple's web site (General info only) Instructions
|
You will have to set a master password for your computer in order to use FileVault. If you forget both your regular computer password and your master password, your data will be lost. Note: FileVault can cause the computer to run a little more slowly, and shutting down may take a little longer. |
| Mac OS 10.3 and higher | Encrypted disk image | Volume encryption | Apple's web site | Uses the "Disk Utility" application. An encrypted disk image acts like a password-protected folder. When the folder is closed, its contents are encrypted. When the folder is open, its contents are available. You have to close the disk image each time you are done using its contents or the files will effectively remain unencrypted. Note: Disk images are a fixed size, so you have to know how big you want it when it is created. |
| Android | Encrypt all data on tablet |
Google's web site (scroll down to "Encrypt your tablet") |
Requires setting a screen lock PIN/ password and is irreversible. | |
| iOS 5 & 6 | Encrypt all data on iPhone or iPad |
Apple’s web site (page 126) |
Enabling the passcode lock and setting the device to delete data after 10 failed login attempts engages content encryption. | |
| PCs, Mac OS X, Linux |
TrueCrypt Apricorn Aegis USB Drives |
Volume and file encryption |
TrueCrypt (download) Beginners Tutorial Aegis Drives |
Support discontinued and suspected to be compromised. Free encryption software that allows you to encrypt data on your computer or create an encrypted memory stick. FIPS compliant hardware encrypted USB flash & hard drive line. |
| USB flash drives (data sticks) |
TrueCrypt IronKey BitLocker to go (Windows 7 only) Apricorn Aegis USB Drives |
Partition or entire device encryption |
TrueCrypt (download) IronKey BitLocker to go (video instructions) Aegis Drives |
Support discontinued and suspected to be compromised IronKey: Encrypted memory sticks that can be used with computers running Windows, Mac and Linux. Prices start at $89 for a 1 gb memory stick. BitLocker to go must be activated by someone with administrator privileges in order to be used. |
| Secure email & files | PGP | Send sensitive information securely |
PGP Desktop Windows Quick Start Mac Quick Start |
Please contact the OIT Support Center for options and assistance with sending sensitive information securely. |