Encryption is the process of converting information or data into code to prevent unauthorized access. Encryption works through algorithms to convert data into cipher-text and then uses a key to lock and unlock the data.
University Executive Policy #8 states that institutional information that is categorized as confidential or regulated, and is stored, processed, shared, or transmitted on university or third-party information systems, must be encrypted. In addition, mobile devices, portable storage media, and all electronic media containing institutional confidential and regulated data must be encrypted and stored in physically secure locations.
Encryption methods must use industry-standard encryption technologies that have been validated by an established standards body such as the National Institute of Standards and Technology (NIST). Acceptable industry standard cryptographic key management practices must be appropriately managed and maintained to safeguard the cryptographic keys and to protect the integrity of the encryption processes.
Need help to ensure your data is encrypted? Contact your area technology officer or Information Security Services.
Questions? Contact: