Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Encryption of non-university owned laptops

From: Roger A Safian <r-safian () NORTHWESTERN EDU>
Date: Tue, 26 Jun 2012 20:20:17 +0000
While our policy doesn't specify who needs to own the laptop, if it has PII, it needs to be encrypted.  We also provide 
the software to do so.

http://www.it.northwestern.edu/policies/dataencryption.html
http://www.it.northwestern.edu/software/pgp/pgp-whole-disk-encryption.html


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Steve 
Werby
Sent: Tuesday, June 26, 2012 2:46 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Encryption of non-university owned laptops

Can any of you provide examples of institutions which have required encryption of personally owned laptops used by 
employees to store confidential university data?

I'm interested in details about those which have done so successfully (beyond just implementing an administrative 
policy) and those who have tried, but have not succeeded.

How was this accomplished, including the user's role, the support plan/burden, cost (not just the tool) and the impact 
(effectiveness, drop in infosec/IT's goodwill)?

--
Steve Werby
Information Security Officer
Office of Information Security (OIS)
The University of Texas at San Antonio
Previous By Date Next
Previous By Thread Next

Current thread: