Encrypt Computer (Required for Confidential Data)
This article applies to: Security & Policy
All devices holding confidential data (computers, smart phones, thumb drives, tablets, etc.) must be kept secure.
You must ENCRYPT if:
- The device storing confidential data ever leaves a secure university location, if it's mobile (you take it with you anywhere), or is not physically locked down.
- Unauthorized individuals have accounts on the device.
Consult with your technical support staff prior to encrypting.
- There are numerous encryption products available, but Cornell recommends BitLocker for Windows and FileVault for macOS. Both solutions are native to the computer.
- For all other devices, encryption options vary and are often device-specific.
Encryption only works if the encrypted computer is stolen while it's turned off. It keeps a thief from turning on the computer and stealing information you have stored on it. During any other scenario, it's just as vulnerable as usual--if it's stolen or hacked while it's turned on (while you're on the Internet, if you download a virus in email, if you don't lock your screen and someone downloads data they shouldn't, etc.).