Desktop Encryption Project
Compliance requirements, particularly the requirement to notify users/the public when data breaches occur, have increased the consequences of disclosing restricted information. In Wisconsin law, breach notification is not necessary if the data is encrypted (i.e., the data is not "known" to be lost).
Laptops, desktop and other portable media that store restricted data, however, are of particular concern since they can be easily lost or stolen due to the distributed nature of their physical location and system administration. The purpose of desktop encryption is to render data on desktops and laptops unreadable so that risk is reduced if a computer storing restricted data is lost, stolen, compromised or disposed of improperly.
In May of 2008, the campus selected McAfee Endpoint Encryption (formerly known as Safeboot) to provide this control.
Key features of the product include:
- full disk encryption for most flavors of Windows
- file and folder encryption for same flavors of Windows
- full disk or file/folder encryption for Windows Mobile devices.
- centrally managed configuration and escrow of encryption keys
The Office of Campus Information Security (OCIS) has purchased 2000 licenses for campus use. These licenses are available to anyone wishing to participate in the project at no cost. While we think folks can get up and running quickly by using a OCIS run server, it is also possible to install your own McAfee/Safeboot server, install our "free" licenses on that server and be completely autonomous.
Support is available on a collaborative basis by participating departments. Participation in the user's group is encouraged. Support is also available directly from McAfee.
Interested individuals can contact the Office of Campus Information Security (OCIS).