ITS Home  |  Service Catalog  |  Knowledge Base  |  Support Center  |  Contact ITS Service Desk     

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

Workstation hard drive encryption policies require all connected storage to be encrypted so that data cannot be accessed from a computer without the proper keys or user authentication. Encryption policies apply to both Windows and Mac computers and are managed by ITS.

Looking for help with a locked computer or an external/USB drive? See Disk Encyption Help

  • Due to the nature of our work at Cal Poly, university-owned computers may have access to sensitive data dependent on a user’s role. 

  • It is the responsibility of Cal Poly to safeguard any data that is accessed and stored locally on all computers and protect that data from misuse. 

 What is encryption?

Encryption is the process of converting or scrambling data and information into an unreadable, encoded version that can only be read with authorized access. Encryption is a widely used security tool that can prevent the interception of sensitive data, either while stored in files or while in transit across networks.

 How is encryption enforced?

Encryption on Cal Poly devices is performed using native tools for each major operating system:

  • FileVault for MacOS and

  • BitLocker for Windows. 

Each technology is managed by different external tools and controlled by ITS.

 How is encryption managed locally?

Once a device is encrypted, it requires either an authenticated login or a recovery key.  When a device is initially encrypted, a recovery key is created and saved to the management server.

 What if I cannot unlock my computer?

Please contact the Cal Poly Service Desk or create a support request ticket to have an administrator contact you for assistance.

 What about external disks such as USB drives?
  • External disks are different for each platform:

    • MacOS does not encrypt external disks by default and will only enforce internal disk protection. 

    • Windows requires all disks to be encrypted to have data written to them. 
      For instance, if you insert a USB drive into a Cal Poly Windows device it will require you to encrypt the device prior to writing any data to it.  You can opt to not encrypt the device, but it will remain read-only.

  • Once an external device is encrypted, it is recommended to save your secure passphrase to LastPass for future retrieval.

  • To encrypt external devices on a Mac you will need to utilize Disk Utility

  • Some devices may be allowed as an exception for external disks. 

    • To acquire an exception, please create a ticket and each case will be reviewed by the Information Security Office.

  • The official recommendation for file sharing on campus is via Microsoft OneDrive

Resources

BitLocker overview

Microsoft 365 - OneDrive

How does FileVault encryption work on a Mac?

 

  • No labels