Encryption can be described as the "locking" (or encoding) of data into a format that cannot be easily deciphered by individuals who don't have the key. It is used as a secure way to store on electronic media or to transfer files using an unsecure network (such as the Internet). Encryption provides safe harbor in most situations as it prevents unauthorized access to the data; computers or files that are properly encrypted with a key that is kept securely are effectively useless in the hands of an unauthorized user.
UT Arlington employees are required to:
- Install full disk encryption on any University owned laptop, high risk desktop, or on any computer that has been purchased after September 1, 2013.
- Use encryption if you absolutely must store confidential data on a portable device (tablet, smartphone, etc.) or storage (CD, DVD, thumb drive, hard drive, etc.).
- Implement encryption if you plan to transfer confidential data electronically over the Internet or any non-secure network.
- Limit access to the encryption keys and data to those with a legitimate need to know, following least privilage principles.
- Incorporate encryption if you need to capture, store, transmit or otherwise process confidential information in a application or database.
- Ensure that encryption is used if you need to store confidential data on a non-UT Arlington owned device (e.g. personal computer, server, cloud service, etc.).
UT Arlington is subject to a number of federal regulations including FERPA and GLBA, and state laws that may be broken if unauthorized disclosure of confidential information occurs. Importantly, unauthorized disclosure of personally identifiable information (such as Social Security Numbers) can lead to identity theft.
- Before you share any data with any one, always receive appropriate authorizations your management at UT Arlington. Any data being transferred to a third party must have a OGC approved confidentiality agreement from vendors that ensures that the data will be kept secure in a manner consistent with UT Arlington, UT System, State of Texas and Federal policies and regulations.
- Important: Full disk encryption is designed to make data recovery difficult, if not impossible. If your hard drive (or other media) fails you may not be able to recover any of the data on it even with professional help. You must make backups of your data onto secure and approved locations.
- Look for "https" in the address bar of your web browser, this indicates that information will be passed over the Internet securely.
- Use secure file transfer protocol to transfer confidential files.
- Do not forget your password (key) once you have implemented encryption. If the password is lost there can be no reasonable expectation that you will be able to access that information ever again! If your computer is encrypted with UT Arlington SecureDoc, the key is escrowed (saved) on the SecureDoc server.
- Always use a strong encryption algorithm like AES (some encryption algorithyms are now obsolete!).
- Always use a strong password, change it periodically and protect it.
- Encryption may not be practical in certain situations and you should always consult the Information Security Office in order to design compensatory controls.
For more information download the UT System Encryption Practices Bulletin.
If you need help implementing encryption on your University owned computer, contact the OIT Help Desk.