Encryption Frequently Asked Questions (FAQs)
What is encryption?
Encryption converts data into an unreadable format and is the primary defense against data loss when devices are lost or stolen. In order to convert the encrypted data into an intelligible format, it needs to be decrypted with a secret key, typically a PIN or password, that the user provides. This is similar to a safe where you might store your valuables. A thief would not be able to breach the safe without the combination lock (or key for encryption).
When do I need to encrypt my electronic devices (e.g., laptops, iPads, cell phones, etc)?
You need to encrypt any device, whether Boise State owned or personal, if the device is used for university business purposes or to access university information.
How do I encrypt my device?
The process to encrypt a device depends on the type of device (phone, tablet, laptop, etc…) and if it is a university owned device or a personal device. If you have a university owned device, contact the Help Desk at 208.426.4357 to request encryption installation. If you’re using a personal device, review the encryption installation instructions provided by your manufacture.
What whole disk encryption software does Boise State support?
To help facilitate and manage whole disk/hard disk encryption, Boise State supports Windows BitLocker and Mac FileVault 2 enterprise encryption for Windows or Mac laptops and some Windows tablets. Contact the Help Desk at 208.426.4357 to determine if your device is eligible for encryption.
Is the PIN/Password for whole disk encryption the same as my Boise State password?
The PIN/Password used for disk encryption for your Windows or Mac laptop is not the same as the password used to log into your Boise State user account. This is by design and provides an added layer of data security if the device is lost or stolen.
Is my device screen lock passcode/password protection enough to secure my phone or tablet device data?
Using the screen lock passcode/password protection is highly recommended and enables strong device encryption on newer iPhones and iPads. Android devices have similar device encryption options. Users should check with the device manufacturer to enable device encryption.
Will the encryption software slowdown my device?
Modern encryption software is designed to have negligible impact on devices. Once the encryption software is installed or enabled there will be little to no impact on end-user experience.
I previously used my personal laptop a few times to access my university email and/or store sensitive data. However, I no longer use it for university purposes and I don’t want to encrypt it. What should I do?
Sensitive data must be removed from the device and the remaining free space must be cleansed using an appropriate tool. Just deleting a file is like removing the table of contents to a book. You may not know where the chapter begins but you can still randomly flip to a page and read the full contents. Contact the Help Desk at 208.426.4357 to ensure that all university data has been removed or destroyed.
I forgot my encryption PIN/Password, what do I do?
If you forgot your encryption PIN/Password to your university managed device, or if it’s not working, the Help Desk can help you access your device. Call 208.426.4357 or submit a ticket to email@example.com. For personal devices refer to your manufacturer’s instructions. Note: Be advised that if you forget your PIN/Password for your personal device you might not be able to recover the data that is encrypted.
Is VPN and Whole Disk Encryption the same thing?
No, VPN and Whole Disk Encryption are two different technologies used to encrypt data and are supported by the Office of Information Technology.
- Whole Disk Encryption: Is used when data is stored outside of Boise State managed networks.
- When you have no option other than to store sensitive data on your hard drive, and such storage has been approved, you must encrypt your hard drive or portable storage device. If you lose your laptop, Windows tablet or storage device, the encryption will render the data unreadable to anyone but you. You and you alone know the PIN/Password to decrypt the data.
- Virtual Private Network (VPN): Is used for data transmission outside of Boise State managed networks.
- Our VPN service is available to all Boise State employees and encrypts data as it is transmitted between your devices and Boise State services when off-campus. Using VPN protects you and the University from possible data loss especially on unmanaged or open public networks (Coffee shops, hotels, etc…). Visit our VPN FAQ page to learn more about VPN.
For outstanding questions not answered in these FAQs, contact us by phone 208.426.5501 or by email at firstname.lastname@example.org.