What is encryption? Why do I need it?
Encryption is the process of encoding information so that only authorized persons can read it. It is used to protect confidential and legally protected data. If an unencrypted laptop, tablet, smartphone, or other device is lost or stolen, and if it contained legally protected information, you or the University might be held liable for damages, you could be sent to prison, or the University could take corrective action against you.
The UCSF Minimum Security Standards state, “Given the prevalence of restricted data in the UCSF environment, all endpoints (desktops, laptops, and mobile devices including smartphones and tablets) used for UCSF business must be encrypted." UCSF Minimum Security Standards for Electronic Information Resources
What devices need to be encrypted?
Almost all devices used for UCSF business, research, or studies.
This is true:
- whether or not they are owned by UCSF
- whether or not the device currently contains legally protected data
- whether or not the device is likely to contain legally protected data in the future
What devices do not need to be encrypted?
- Devices that are *never* used for UCSF business, research, or studies.
- Devices that are used for UCSF business, research, or studies and which do not contain legally protected data and which are incompatible with encryption solutions provided by UCSF IT. These devices don’t need to be encrypted, but you must complete and submit the Request device encryption waiver for each one.
You must report lost or stolen devices.
You are legally obligated to report a lost or stolen device used for UCSF business, research, or studies:
- whether or not UCSF owns it
- whether or not it contains legally protected data
- whether or not you know if it contains legally protected data
- whether or not it was encrypted
Devices include: desktop computers, laptop computers, tablet computers, smartphones, cdroms, dvdroms, floppy disks, and any media that can store data.
Including desktops and laptops for Mac and Windows:
Encrypting smartphones and tablets
|iPhone and iPad (iOS)||
|Android, Microsoft, & BlackBerry||
Please follow the instructions for setting up your UCSF email on your phone; that will also ensure your phone is encrypted.
If needed, contact the IT Service Desk for help.
Encrypting USB drives, CDroms, DVDroms, floppy disks, etc.
Do both of the following:
Move the data to an encrypted device
Copy the data to your encrypted desktop or laptop computer. Or:
- Buy an encrypted portable storage device. (See Buy Recommended Security Products?)
- Copy the data from the original device to the new device.
Destroy or securely remove the data from the original device
- If you can securely erase the original device, you may use it for things other than UCSF business, research, or studies.
- If you cannot securely erase the original device, send it to be securely destroyed. See Drive, Tape, and Data Destruction.
Other useful Encryption Links:
Contact the IT Service Desk.