Office of Campus Information Security

• About OCIS
• Awareness & Training
• Campus Initiatives
• Downloads
• Report an Incident
• Contact Us
• 
• Individual Computing
• Secure Your Computer
• Protect Your Identity
• Copyright Infringement
• Handling University Data
• 
• Departmental Computing
• Risk Assessment
• Standards & Practices
• Tools & Forms
• More Security Resources

Desktop Encryption Project

Compliance requirements, particularly the requirement to notify users/the public when data breaches occur, have increased the consequences of disclosing restricted information. In Wisconsin law, breach notification is not necessary if the data is encrypted (i.e., the data is not "known" to be lost).

Laptops, desktop and other portable media that store restricted data, however, are of particular concern since they can be easily lost or stolen due to the distributed nature of their physical location and system administration. The purpose of this project is to research tools and methods for encrypting data on desktops and laptops so that risk is reduced if a computer storing restricted data is lost, stolen, compromised or disposed of improperly.

Expected project deliverables are to:

• recommend a product for a pilot project with sponsoring departments
• survey pilot participation for important requirements and feedback
• make a recommendation for final a product to sponsors along with a recommended lifecycle for product review

The Desktop Encryption Project Team is entering a pilot phase which is expected to run until June 2008. A final report will be delivered to the project sponsors by the end of the month. The team expects to spin off two other projects: 1) a policy group and 2) a rollout project encompassing best practices, end user education, and support infrastructure, both starting up around June.