PGP Whole Disk Encryption

VPAF Technology Systems and Services has begun a new strategic initiative to protect confidential data while it is stored on computer hard disks, including laptops, which are particularly vulnerable to loss or theft. Identified staff throughout the Administration and Finance division will have PGP® Whole Disk Encryption installed on their computers. This software will protect information stored on those computers’ hard disk drives by encrypting every byte of data.

Computer systems store significant amounts of sensitive information and can be targets for thieves. Mobile computers have become essential for increasing user productivity and efficiency, but the portable nature of these devices increases the possibility of loss or theft. If a system is ever stolen, lost or compromised, the university may be exposed to risk of financial loss, legal penalties, and brand damage. For these reasons, VPAF-TSS will deploy PGP Whole Disk Encryption to protect university data, as a component of a broader approach to security.

Staff who maintain or access data protected by law, as well as confidential and personal information should have PGP Whole Disk Encryption installed on their computer. Examples of these types of information include, but are not limited to, credit card numbers, banking information, social security numbers, medical information, law enforcement data, student grades, personnel records, etc. All laptops should also have PGP Whole Disk Encryption installed.

Each VPAF Departmental Director has provided VPAF Technology Systems and Services with the names of the individuals who should have this software installed.

PGP Whole Disk Encryption transparently locks down the entire contents of a laptop, desktop, or a folder located on a server, ensuring that in the event of loss, the data stored on those systems cannot be exposed to anyone outside the university. This encryption runs as a background process that is entirely transparent, automatically protecting valuable data, even in hidden and system files, without requiring you to take additional steps.

PGP Whole Disk Encryption requires individuals to authenticate with their PGP Whole Disk Encryption passphrase when they turn on their computer, before Microsoft Windows even starts. Once they have authenticated, on-the-fly decryption and encryption is enabled and their computer will continue with the normal startup process, which will look and behave exactly as before.

PGP Whole disk encryption will not affect the use of any applications. While individuals are logged in to their system, all applications, including email and other network software, run unaffected. The encryption/decryption is entirely transparent to application activity.