Encryption protects the confidentiality of information by making it unreadable to anyone who doesn’t have the right key (usually a password).
All members of the University have a responsibility to maintain the security of University information. The use of encryption is one measure that can help meet this requirement. Encryption is one component of a wider set of measures to ensure that all information is appropriately secured; other controls such as ensuring adequate physical security and routine backups must also be considered.
All University owned devices must have full disk encryption setup and enabled.
Any personal device storing University information must have full disk encryption setup and enabled.
Examples of University Information include but are not limited to: research data, finance data and personal information relating to our staff and students.
When should encryption be used?
From December 2019 it is University policy that anyone storing or accessing University or personal information on any device, for example a laptop, smartphone or memory stick, must ensure that the information is protected by an encryption system recognised by the University.