APPENDIX TO POLICY
Device Encryption Standard
Use data encryption to prevent unauthorized access to University information stored on IT resources. Encryption protects the data from unauthorized access when the device is lost or stolen.
Single-user Device (e.g., desktop, laptop, USB flash drive, mobile phone)
The following table defines the baseline security controls for encryption of single-user systems.
|DE.A.01||Encrypt the data||Required||Required||Recommended|
|DE.A.02||Encrypt the entire disk||Required||Recommended||Recommended|
|DE.A.03||Encrypt mobile devices||Required||Recommended||Recommended|
|DE.A.04||Encrypt removable media (e.g., USB)||Required||Recommended||Recommended|
|DE.A.06||Protect encryption keys from unauthorized access||Required||Required||Recommended|
This standard applies to IT resources owned or contracted by the University. This also applies to personally owned devices authorized to store University data designated as private-highly restricted or private-restricted .
This standard applies to University community members who use or manage University IT resources.
More information Device Encryption
- November 2014