Re: AES-256 and Sensitive Documents

["Hanson, Mike" <mhanson () CSS EDU>]

Hi Ron,

We have been using Virtru for applications like this. Easy for our
employees, student's and parents to use.

Mike

Mike Hanson, CISSP
Network Security Manager
The College of St. Scholastica
Duluth, MN 55811
mhanson () css edu

On Wed, Nov 28, 2018 at 1:30 PM Ronald Loneker <rloneker () cse edu> wrote:

> Good Afternoon All -
>
> Our Financial Aid office would like to have students and their parents,
> when e-mailing financial aid documents containing sensitive information, to
> comply with federal regulations saying the documents should be e-mailed
> with AES-256 encryption.
>
> Since TLS 1.3 was released and is now in use in Chrome, the TLS 1.3
> protocol uses only AES-128 encryption so we're considering asking our
> students and their parents, if e-mailing sensitive documents, to encrypt
> them with a yet to be decided encryption application at the AES-256 level
> and attach the encrypted file to the e-mail being sent to our Financial Aid
> office.  We would provide links to easy to use, free encryption software
> and provide directions on how to download, install and use it.  We are also
> considering adding this software to our computer lab images for those
> students who want to e-mail documents but don't have access to a computer
> at home.
>
> Right now, the other web browsers seem to be using TLS 1.2, currently
> operating at the AES-256 level, with Firefox and Safari saying they expect
> to move to TLS 1.3 in the near future at some point.
>
> I'm curious as to what other schools are doing, and whether they are
> putting any sort of language on their website saying that documents like
> this should be encrypted to prevent unauthorized access to the data.
>
> *Please note that I am not looking for vendor solicitations.*
>
> Ron Loneker, Jr.
> Director, IT Special Projects
> College of Saint Elizabeth
> Henderson Hall, Room 202C
> 2 Convent Road
> Morristown, NJ  07960
>
> Phone:  973-290-4229
>
> e-mail:  rloneker () cse edu