Encryption

All members of the University have a responsibility to maintain the security of University information.
Encryption is one component of a wider set of measures to ensure that all information is appropriately secured; other controls such as ensuring adequate physical security and routine backups must also be considered.

What is encryption?

Encryption protects the confidentiality of information (data) by making it unreadable to anyone who doesn’t have the right 'key'; most commonly a passcode or password.

Using encryption helps mitigate the risk of tampering, interception and unauthorised access and disclosure in the following two ways:

  • Encrypting data at rest - protects inactive information stored on any device or network, for example files on a laptop.
  • Encrypting data in transit - protects information when actively moving from one location to another, such as across the internet or through a private network.

When should I use encryption?

University policy states that anyone storing or accessing University or personal information on any device, for example a laptop, smartphone or memory stick, must ensure that the information is protected by an encryption system recognised by the University.

  • All University owned devices and any personal device storing University information must have full disk encryption setup and enabled. As per the University Cryptography Policy.

Examples of University Information include but are not limited to: research data, finance data and personal information relating to our staff and students.