Protect Your Sensitive Data

Home Page

On this page

Introduction

Steps for encrypting your files

Department policies

Minimum requirements:
Windows systems
Macintosh systems

Data Encryption Pages

Encrypt Windows data

Back up Windows encrypted data

Back up a Windows certificate

Restore a Windows certificate

Encrypt Macintosh data

Related Information

How to back up Windows data to external media

UD Information Security Policy

Departmental Information and Records Management Policies

IT Help Center
Last Updated: 8/8/05
Copyright © 2005
University of Delaware

Introduction: Encrypt your files

To better protect the sensitive data that the University of Delaware collects, all computers containing files with Personal Non-Public Information (PNPI) should now have those files encrypted. This includes any data that could potentially identify an individual: SSN, address, birthday, mother's maiden name, etc.

Encryption is the process of securing data so that it can be used only by those who should have access to it. If a computer is stolen or used by someone without permission, encrypted files and folders will be inaccessible.

Encryption is supported by default in Windows 2000 and XP Professional. After enabling encryption, you should notice no change in your workflow. Information Technologies recommends that if you have sensitive data, you store that data in a single folder like "My Documents" and then encrypt the folder. This will ensure that the information is encrypted when not in use.

Steps for encrypting your files

Below are the steps you will take to encrypt your data. You will only do steps 1 and 2 once. Step 3—backing up your data—should be done on a regular basis.

Check the minimum requirements for your computer.
Encrypt the contents of your folder.
Back up the encrypted data.

Policies for University departments

Information Technologies recommends that all data containing Personal Non-Public Information (PNPI) should be stored in a single folder such as "My Documents" and that the folder should be encrypted.
Supervisors are required to retain a working list of all passwords for Windows accounts that use encryption. In addition, supervisors should also store exported encryption certificates in a secure, locked location.

Physical backups (CD, USB flash drive, Zip drive, etc.) that contain PNPI must be stored in a secure, locked location.

An office or department should store physical backups in a place separate from the passwords and certificate backups.

Two University policies have direct bearing on encrypting your data:
- 1-13: Departmental Information and Records Management Policies
- 1-15: UD Information Security Policy

Minimum requirements

Windows computers

To encrypt the contents of a folder on a Windows system:

You must be running either Windows XP Professional or Windows 2000 Professional.
The hard disk must be formatted as NTFS.

To determine if your system meets the minimum requirements:

Identify your operating system:

On the Start menu, right-click My Computer.

In the box that appears, click Properties.
You will see a window like the one below. Your operating system is listed under System (see the circled area below).

Click OK to close the window.

Identify how your disk is formatted:

On the Start menu, click My Computer.
Right-click the C drive.

You will see a window like the one below. The file system is identified on the General tab (see the circled area below).

Click OK to close the window.

Macintosh computers

To encrypt the contents of a disk image on a Macintosh system, you must be running Apple OS X 10.3 or higher.

To identify your operating system, click About This Mac on the Apple menu. You will see a window like the one below:

About this Mac window