Skip to main content

Cornell University

FileVault

Encryption is the process of scrambling data to make it unreadable to anyone who does not possess the proper key. When you encrypt an entire disk using FileVault, all of the files on the computer are encrypted, including:

  • Operating system files 
  • Application files 
  • Data files 
  • Swap files 
  • Free space 
  • Temp files 

When you log on to an encrypted computer, your drive is decrypted. When you shut down your system, the drive is re-encrypted. This means that, when your device is powered off, your disk is protected against use by others.  

Remember that once you unlock a disk, its files are available to you—as well as anyone else who can physically use your system. If you leave your system unattended, your files are not encrypted. 

Not all drives need to be encrypted, but many do. The requirements are spelled out in University Policy 5.10: Information Security. Check with your local security liaison or technical support provider.  

Because FileVault is a component of the Mac OS X operating system, it is not available for Windows computers. For Windows, use BitLocker instead.

Support Contact:

Cornell IT Service Desk

Normal Business Hours: Monday-Friday, 8am-6pm (Eastern Time)
Emergency Service Disruptions: After Hours Support

Service Details:

Summary:

Encrypt your files on a Mac OS system.

Comments?

To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.