A Message from the CIO on Addressing Device Encryption

Patrick Phelan's picture

Dear Colleagues,

This brief document provides guidance to all UCSF staff for the most common devices used in the process of performing work for UCSF; whether those devices are encrypted natively (i.e. from the factory) or if they require action on your part to ensure they are encrypted. This is not intended to be comprehensive as there are too many permutations. Remember, ultimately you are personally responsible and accountable to ensure that any device you use to perform any work associated with UCSF is encrypted.

Common Natively Encrypted Devices Connected to UCSF Email (i.e. do not require action on your part to encrypt)

  • Apple iPhones 3GS and newer
  • All Apple iPads
  • Windows phones

Common Devices That Require Action by You to Encrypt or to Validate Encryption

  • Android phones and tablets from version 3.x and newer
  • Windows laptops and tablets
  • Windows desktop computers at your private residence
  • Apple MacBook and MacBook Pro laptops
  • Apple desktop computers at your private residence
  • External storage drives
  • USB Memory Sticks, Flash Drives, SD Cards
    • Most are not encrypted so the recommendation is to discontinue use of any of these drives for UCSF purposes unless they are natively encrypted (i.e. encrypted from the factory), and clearly marked as encrypted
  • Optical disks such as DVDs and CDs

Sources of Assistance:

  • For any questions, assistance to encrypt or to validate your device is encrypted you may contact the UCSF IT Service Desk at 514-4100.
  • For personal devices that you use to perform work for UCSF you may:

Finally, it is important to reiterate that you are personally responsible and accountable to ensure that any device, used for UCSF training, research, clinical or other work, personal or UCSF-provided, is encrypted. The information in this flyer is intended to provide assistance in meeting this obligation and does not cover all scenarios you must consider.


Joe R. Bengfort


**Please click here for our FAQ page **