Skip to main content

Cornell University

Encrypt Computer (Required for Confidential Data)

This article applies to: Security & Policy

All devices holding confidential data (computers, smart phones, thumb drives, tablets, etc.) must be kept secure.

You must ENCRYPT if:

  • The device storing confidential data ever leaves a secure university location, if it's mobile (you take it with you anywhere), or is not physically locked down.
  • Unauthorized individuals have accounts on the device.

Consult with your technical support staff prior to encrypting.

  • There are numerous encryption products available, but Cornell recommends BitLocker for Windows and FileVault for macOS. Both solutions are native to the computer.
  • For all other devices, encryption options vary and are often device-specific.
Encryption only works if the encrypted computer is stolen while it's turned off. It keeps a thief from turning on the computer and stealing information you have stored on it. During any other scenario, it's just as vulnerable as usual--if it's stolen or hacked while it's turned on (while you're on the Internet, if you download a virus in email, if you don't lock your screen and someone downloads data they shouldn't, etc.).


To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.