Encryption is a method of securing data by scrambling the bits of a computer's files so that they become illegible. The only method of reading the encrypted files is by decrypting them with a key; the key is unlocked with a password.
Benefits and key features
Whole disk encryption protects everything on a disk drive – including the operating system – as well as USB flash and other external drives. Even files you may not know about that keep exact copies of data that you've been working on, such as temporary files are encrypted.
- Only protects the data when the machine or device is turned off, or you have logged off
- Most useful on machines or peripherals that are likely to be lost or stolen (e.g., laptops and USB drives), but can be installed on desktops as well
- Offers no protection for malware (computer virus) infections
- Protects the information on the device with a login password
- PGP Desktop uses key escrow to decrypt if a password is lost or forgotten
- Users should remember to save the password in a safe place
Encryption on mobile devices: for smaller devices, such as a tablet or smartphone, data can be encrypted using built-in security software. Each device handles this differently, so refer to the manufacturer's user manual.
MIT certificates are required to download PGP.
Read Encryption at MIT to learn about the options and recommendations. If you are unsure whether you should be using whole disk encryption for compliance with data security regulations, contact IS&T via firstname.lastname@example.org.
Start using the software
Windows: If using Windows 7, download a copy of PGP Desktop from the Software Grid or obtain a copy through your desktop support staff. Students are not licensed to access the free download. This version of PGP Desktop is not compatible with Windows 8.
PGP Desktop 10 Whole Disk Encryption is provided for individuals who need to protect sensitive information on laptops and portable storage devices against physical loss or theft. PGP Desktop is offered to faculty, staff, affiliates, researchers, and graduate students who handle sensitive information in key, high-risk areas at MIT.
- Mac: Enable FileVault on OS X Lion, Mountain Lion, or Mavericks. These links guide you through the set-up process.
- Mobile devices: See our Mobile Device Support page to find out about enabling encryption on your mobile device.
Contact the IS&T Help Desk for assistance with any of the above-listed options.