Encryption Options

In the course of our work it can be necessary or required to secure sensitive data. For information on what constitutes sensitive data at the University of Alaska refer to the “Data Classification Standards: Categories” in university regulation (R02.07.094 [doc]). Keep in mind the list of options below is not exhaustive but some of the common ways available on Mac and PC systems. Additionally OIT’s Knowledge Base contains much of this information for university supported software. https://knowledge.alaska.edu

IMPORTANT: ENCRYPTED DATA WILL BE LOST IF YOU LOSE OR FORGET YOUR ENCRYPTION PASSWORD/KEY.

 The weakest link in encryption is often the password. Be sure to use a complex password that is difficult to guess, but easy to remember so you don't have to write it down. If you do write your password down, be sure you store it securely where others would never find it. University regulation (R02.07.051.J [pdf]) requires you ensure your supervisor or other authorized individual has access to any university device, file or information you encrypt via a technical or procedural means.

A note on encryption etiquette, if you receive an encrypted document you should maintain the level of security the sender applied to it. In other words only decrypt it when working with the document and do not store it unencrypted.

Encryption Tools:

Platform Tool What it does Web sites for more information Notes
Microsoft Office (Windows) Microsoft Office 2003 and later Encrypts and password protects MS Office files Refer to "Help" in MS Word, Excel, PowerPoint, etc. Available on Microsoft Office 2003 and later (PC only)
Microsoft Office 2011 (Mac OS 10.5.8 or later) Microsoft PowerPoint 2011 Encrypts and password protects PowerPoint files Office: Mac Website Microsoft Office 2011 for Mac allows encryption for PowerPoint presentations only. Excel spreadsheets and Word docs can be password protected but not encrypted.
Adobe Acrobat (Multiple Platforms) Adobe Acrobat Pro 8, 9, X Password protect and encrypt PDF documents

Acrobat Pro 8

Acrobat Pro 9

Acrobat Pro X

You can limit access to a PDF by setting passwords and encrypting document contents. Optional metadata encryption is also available to prevent document info from being discovered by search engines.
Windows 7 and Vista BitLocker Whole disk encryption

Microsoft's web site

Video instructions

Encrypts data on a hard drive and portable drives. Must be activated by someone with administrator privileges in order to be used.
Windows XP Windows Encrypting File System (EFS) File and folder encryption

Microsoft's web site

Video Instructions

Windows XP is no longer supported. Please contact the Support Center for help migrating to a newer Windows OS.
Mac OS 10.7 - 10.9 FileVault 2 Encrypts entire hard drive Apple's web site Update of FileVault (see below) that allows encryption of the entire hard drive. Allows migration and use of home directories encrypted with earlier versions of FileVault; however, you will not be able to turn on FileVault2 at the same time.
Mac OS 10.4- 10.6 FileVault Encrypts entire home directory

Apple's web site (General info only)

Instructions

 

You will have to set a master password for your computer in order to use FileVault. If you forget both your regular computer password and your master password, your data will be lost. Note: FileVault can cause the computer to run a little more slowly, and shutting down may take a little longer.
Mac OS 10.3 and higher Encrypted disk image Volume encryption Apple's web site Uses the "Disk Utility" application. An encrypted disk image acts like a password-protected folder. When the folder is closed, its contents are encrypted. When the folder is open, its contents are available. You have to close the disk image each time you are done using its contents or the files will effectively remain unencrypted. Note: Disk images are a fixed size, so you have to know how big you want it when it is created.
Android   Encrypt all data on tablet

Google's web site (scroll down to "Encrypt your tablet")

Requires setting a screen lock PIN/ password and is irreversible.
iOS 5 & 6   Encrypt all data on iPhone or iPad

Apple’s web site (page 126)

Enabling the passcode lock and setting the device to delete data after 10 failed login attempts engages content encryption.
PCs, Mac OS X, Linux

TrueCrypt

Apricorn Aegis USB Drives

Volume and file encryption

TrueCrypt (download)

Beginners Tutorial

Aegis Drives

Support discontinued and suspected to be compromised. Free encryption software that allows you to encrypt data on your computer or create an encrypted memory stick.

FIPS compliant hardware encrypted USB flash & hard drive line.

USB flash drives (data sticks)

TrueCrypt

IronKey

BitLocker to go (Windows 7 only)

Apricorn Aegis USB Drives

Partition or entire device encryption

TrueCrypt  (download)

IronKey

BitLocker to go (video instructions)

Aegis Drives

Support discontinued and suspected to be compromised

IronKey: Encrypted memory sticks that can be used with computers running Windows, Mac and Linux.

Prices start at $89 for a 1 gb memory stick.

BitLocker to go must be activated by someone with administrator privileges in order to be used.

Secure email & files PGP Send sensitive information securely

PGP Desktop Windows Quick Start Mac Quick Start

Please contact the OIT Support Center for options and assistance with sending sensitive information securely.