Search Google Appliance

Encryption is a method of securing data by scrambling the bits of a computer's files so that they become illegible. The only method of reading the encrypted files is by decrypting them with a key; the key is unlocked with a password.

Available To 
Students, Faculty, Staff, Affiliates

Benefits and key features

Whole disk encryption protects everything on a disk drive – including the operating system. Even files you may not know about that keep exact copies of data that you've been working on, such as temporary files are encrypted.

  • Data is protected while a computer is turned off or in sleep mode, as long as the hard disk is password protected.
  • Most useful on hardware that is likely to be lost or stolen (e.g., laptops and USB drives), but can be enabled on desktops as well.
  • A key recovery process is available for managed computers in the WIN domain in the event of a lost password.
  • The whole disk can be decrypted with the assistance of a local IT administrator.
  • Users who are not in the WIN domain must save their password and key in a safe place, such as LastPass.
  • Encryption does not protect a machine against malware.


Windows 7, 8 or 10
Mac OS X 10.9 or later

Getting started

Note: Visit Encryption at MIT to learn about options and recommendations. Contact IS&T if you are unsure whether you should be using whole disk encryption for compliance with data security regulations.

Note: PGP is no longer being offered on the software grid. Support is being phased out and will discontinue at the end of 2016.