UD identifier bar

Encrypt Your Sensitive Data

Home Page

On this page

Introduction

Steps for encrypting your files

Department policies

Minimum requirements:
  Windows systems
  Macintosh systems

Data Encryption Pages

Encrypt Windows data

Back up Windows encrypted data

Back up a Windows certificate

Restore a Windows certificate

Encrypt Macintosh data

Related Information

How to back up Windows data to external media

UD Information Security Policy

Departmental Information and Records Management Policies


IT Help Center
Last Updated: 12/1/05
Copyright 2005
University of Delaware

Introduction: Encrypt your files

To better protect the sensitive data that the University of Delaware collects, all computers containing files with Personal Non-Public Information (PNPI) should now have those files encrypted.

Encryption is the process of securing data so that it can be used only by those who should have access to it. If a computer is stolen or used by someone without permission, encrypted files and folders will be inaccessible.

Encryption is supported by default in the Windows 2000, XP Professional, and MacOS X operating systems. After enabling encryption, you should notice no change in your workflow. Information Technologies recommends that if you have sensitive data, you store that data in a single folder (Windows) or a single disk image (Macintosh) and then encrypt the folder or disk image. This will ensure that the information is encrypted when not in use.

Special notes for Windows users:

  • If your computer is part of a department's Windows domain structure, consult with your department's CITA for encryption instructions.
  • The standard Windows encryption does not allow you to share an encrypted file and retain the encryption. If you wish to share encrypted Windows files with other users, use the freeware program AxCrypt to encrypt your files.
  • AxCrypt works on individual files, not on folders, but will work on all Windows XP and 2000 systems--even those that are part of a Windows domain structure.

Back to Top

Steps for encrypting your files

Below are the steps you will take to encrypt your data. You will only do steps 1 and 2 once. Step 3—backing up your data—should be done on a regular basis.

  1. Check the minimum requirements for your computer.
  2. Encrypt the contents of your folder.
  3. Back up the encrypted data.

Back to Top

Policies for University departments

  • Information Technologies recommends that all data containing Personal Non-Public Information (PNPI) should be stored in a single folder such as "My Documents" and that the folder should be encrypted.

  • Supervisors are required to retain a working list of all passwords for Windows accounts that use encryption. In addition, supervisors should also store exported encryption certificates in a secure, locked location.
  • Physical backups (CD, USB flash drive, Zip drive, etc.) that contain PNPI must be stored in a secure, locked location.

  • An office or department should store physical backups in a place separate from the passwords and certificate backups.
  • Two University policies have direct bearing on encrypting your data:

    • 1-13: Departmental Information and Records Management Policies

    • 1-15: UD Information Security Policy

Back to Top

Minimum requirements

Windows computers

To encrypt the contents of a folder on a Windows system:

  • You must be running either Windows XP Professional or Windows 2000 Professional.
  • The hard disk must be formatted as NTFS.

To determine if your system meets the minimum requirements:

  1. Identify your operating system:
    1. On the Start menu, right-click My Computer.
    2. In the box that appears, click Properties.

      You will see a window like the one below. Your operating system is listed under System (see the circled area below).

      system properties

    3. Click OK to close the window.

  2. Identify how your disk is formatted:
    1. On the Start menu, click My Computer.

    2. Right-click the C drive.

      You will see a window like the one below. The file system is identified on the General tab (see the circled area below).

      determine how disk is formatted

    3. Click OK to close the window.

Back to Top

Macintosh computers

To encrypt the contents of a disk image on a Macintosh system, you must be running Apple OS X 10.3 or higher.

To identify your operating system, click About This Mac on the Apple menu. You will see a window like the one below:

About this Mac window

Back to Top