Skip to main content

Encrypt Computer (Required for Confidential Data)

This article applies to: Security & Policy


All devices holding confidential data (computers, smart phones, thumb drives, tablets, etc.) must be kept secure.

You must ENCRYPT if:

  • The device storing confidential data ever leaves a secure university location, if it's mobile (you take it with you anywhere), or is not physically locked down.
  • Unauthorized individuals have accounts on the device.

Consult with your technical support staff prior to encrypting.

  • There are numerous encryption products available, but Cornell recommends BitLocker for Windows and FileVault for macOS. Both solutions are native to the computer.
  • For all other devices, encryption options vary and are often device-specific.
Encryption only works if the encrypted computer is stolen while it's turned off. It keeps a thief from turning on the computer and stealing information you have stored on it. During any other scenario, it's just as vulnerable as usual--if it's stolen or hacked while it's turned on (while you're on the Internet, if you download a virus in email, if you don't lock your screen and someone downloads data they shouldn't, etc.).

About this Article

Last updated: 

Friday, August 11, 2017 - 10:08am

Was this page helpful?

Your feedback helps improve the site.