Encryption uses a mathematical algorithm to scramble readable text that cannot be read unless the reader has the key to "unlock," or convert, the information back to its readable form. This means that your sensitive data cannot be accessed without you providing a password.
It is the easiest and most practical method of protecting data stored or transmitted electronically and is particularly essential with sensitive data.
Even a single failure to encrypt sensitive data, whether through e-mail or via a stolen flash drive or laptop, can result in a security breach with criminal or civil liabilities and irreparable harm to finances and the reputation of the university.
The following items—while not a comprehensive list—are examples of sensitive data:
- Social Security numbers
- Credit card numbers
- Bank account information
- Driver's license numbers
- Patient and student information (HIPAA/FERPA)
- Proprietary research and legal data
ITCS Recommends the Following Data Encryption Tools
Transfer and Store Sensitive Files
IronKey Encrypted Flash Drives. Secure, hardware-encrypted, tamper-resistant and password-protected. You will need to determine your storage capacity needs (e.g. 4GB or 8GB); the basic version is recommended. There are several suppliers of this device including IronKey, NewEgg and CDW-G.
Encrypt a Drive
BitLocker Drive Encryption. Included with all Windows 7 Ultimate and Enterprise edition PCs, BitLocker encrypts an entire drive rather than individual files. A drive can be password-protected, decrypted or BitLocker can be temporarily suspended at any time by the authorized user. Visit the Microsoft.com BitLocker page for instructions to turn on BitLocker encryption.
Guardian Edge Hard Disk Encryption. Guardian Edge encrypts every file on the hard drive and renders it useless if unauthorized access is attempted, especially important with computer thefts on the rise. Learn more at the Symantec Endpoint Encryption.
TrueCrypt. Available as a free download, this software encrypts data on most any device, including portable—and easily lost or stolen—devices such as laptops, smartphones and flash drives. Visit the TrueCrypt website to learn more.
Encrypt Data Files
WinZip. Good for encrypting, compressing (reducing the file size) and sharing individual files. Learn more at the WinZip website.
Encrypt Email Messages and Attachments
IronPort. If you have to send sensitive information, such as HIPAA or FERPA data, to an entity outside of the ECU network, then IronPort is a solution for your encrypted correspondence. Learn more at the email encryption page.
WinZip. If your email attachment(s) contain sensitive information, then WinZip is a solution for encrypting, reducing the size, and sharing these files. Learn more at the WinZip website.
For additional options or more information, please request a consult through the IT Help Desk at https://ithelp.ecu.edu or 252.328.9866.