Encryption is a method of securing data by scrambling the bits of a computer's files so that they become illegible. The only method of reading the encrypted files is by decrypting them with a key; the key is unlocked with a password.
Benefits and key features
Whole disk encryption protects everything on a disk drive – including the operating system – as well as USB flash and other external drives. Even files you may not know about that keep exact copies of data that you've been working on, such as temporary files are encrypted.
- Only protects the data when the machine or device is turned off, or you have logged off
- Most useful on machines or peripherals that are likely to be lost or stolen (e.g., laptops and USB drives), but can be installed on desktops as well
- Offers no protection for malware (computer virus) infections
- Protects the information on the device with a login password
- PGP Desktop uses key escrow to decrypt if a password is lost or forgotten
- Users should remember to save the password in a safe place
- FileVault for Mac
- Encryption on mobile devices: for smaller devices, such as a tablet or smartphone, data can be encrypted using built-in security software. Each device handles this differently, so refer to the manufacturer's user manual.
Read Encryption at MIT to learn about the options and recommendations. If you are unsure whether you should be using whole disk encryption for compliance with data security regulations, contact IS&T via email@example.com.
Start using the software
- Mac: Enable FileVault on Mac OS X 10.9 and up. These links guide you through the set-up process.
- Windows: PGP Note: PGP is no longer being offered on the software grid. Support is being phased out and will discontinue at the end of 2016.
- Mobile devices: See our Mobile Device Support page to find out about enabling encryption on your mobile device.
Contact the IS&T Help Desk for assistance with any of the above-listed options.