New and Changing: Updates from AIT

Posted February 28, 2017 by
Tags: Security

Disk Encryption for College-Owned Computers

Effective Date: March 2017

As part of an ongoing effort to enhance security and protect College data and student and employee personal information, we will begin encrypting the hard drives of College-owned computers issued to employees with access to sensitive data. This will help prevent data from being accessed if a device is lost or stolen by providing another layer of security.

Disk encryption for employee computers is one of the security measures recommended by GreyCastle Security after a security risk assessment last year.

Rationale

  • Full disk encryption protects data when it's "at rest," meaning stored on your computer's hard drive. This protects your data if your computer is lost or stolen. Without disk encryption, it is possible for criminals to connect your computer's hard drive to another device and access your information. You can learn more about encryption here.
  • Disk encryption is required for Wheaton College compliance with HIPAA, HITECH, and FERPA security policies.

Impact on College Community

  • Employees who access sensitive data will have their College-owned computers configured to require a login PIN as soon as the computer powers up and prior to the operating system loading.
  • College-owned Mac computers will be encrypted using FileVault and College-owned Windows computers will be encrypted using Bitlocker.
  • If this policy applies to you, we will contact you with further instructions during March 2017. Your computer may need some hardware upgrades prior to encryption.

If you have any questions or concerns, please contact Academic and Institutional Technology at 630.752.4357 (HELP) or by email at ait.service.desk@wheaton.edu.