Encryption Information

ITS has identified some limited options for individuals who need to encrypt data. These primarily make use of native encryption features in Mac and PC operating systems.

SOME CAUTIONS:

IMPORTANT: ENCRYPTED DATA WILL BE LOST IF YOU LOSE OR FORGET YOUR ENCRYPTION PASSWORD/KEY.

The weakest link in encryption is often the password. Be sure to use a complex password that is difficult to guess, but easy to remember so you don't have to write it down. If you do write your password down, be sure you store it securely where others would never find it. See UCSC’s Password Standards for more information about creating good, secure passwords.

Please Note: Although this web page identifies some available encryption tools, ITS does not endorse or recommend any specific product.


ENCRYPTION TOOLS:

 

Platform     
Tool What it does Web sites for more information  
Notes
Microsoft Office (Windows)
Microsoft Office 2003 and later Encrypts and password protects MS Office files Refer to "Help" in MS Word, Excel, PowerPoint, etc. Available on Microsoft Office 2003 and later (PC only)
Microsoft Office 2011 (Mac OS 10.5.8 or later)
Microsoft Powerpoint 2011 Encrypts and password protects Powerpoint files Microsoft's Website Microsoft Office 2011 for Mac allows encryption for Powerpoint presentations only. Excel spreadsheets and Word docs can be password protected but not encrypted.
Adobe Acrobat (Multiple Platforms) Adobe Acrobat Pro X and higher Password protect and encrypt PDF documents

Acrobat Pro X

Acrobat Pro XI

Encrypt and password protect PDFs with Adobe Acrobat Pro's "Encrypt with Password" option. IMPORTANT: You must select "Acrobat X and later" in the Password Security Settings box that comes up when selecting this option. Earlier versions do not provide adequate protection.
Windows 8 BitLocker Whole disk encryption

Microsoft's web site

Encrypts data on a hard drive and portable drives. Only available in Windows 8 Pro and Windows 8 Enterprise editions.
Windows 7 and Vista BitLocker Whole disk encryption

Microsoft's web site

Video instructions

Encrypts data on a hard drive and portable drives. Must be activated by someone with administrator privileges in order to be used.
Windows XP (retired)
Windows Encrypting File System (EFS) File and folder encryption

Microsoft's web site

Video Instructions

EFS is not intended to provide robust encryption, but it does provide better security than unencrypted storage of files. May be able to be bypassed by administrator-level access. See information and cautions from Microsoft and WindowSecurity.com
Mac OS 10.7 and up
FileVault 2 Encrypts entire hard drive Apple's web site Update of FileVault (see below) that allows encryption of the entire hard drive. Allows migration and use of home directories encrypted with earlier versions of FileVault; however, you will not be able to turn on FileVault 2 at the same time.
Mac OS 10.4-10.6
FileVault Encrypts entire home directory

Apple's web site (General info only)

Instructions

You must set a master password for your computer in order to use FileVault. If you forget both your regular computer password and your master password, your data will be lost. Note: FileVault can cause the computer to run a little more slowly, and shutting down may take a little longer.
Mac OS 10.4 and higher Encrypted disk image Volume encryption

Apple's web site

Uses the "Disk Utility" application. An encrypted disk image acts like a password-protected folder. You have to close the disk image each time you are done using its contents or the files will effectively remain unencrypted. Note: Disk images are a fixed size, so you have to know how big you want it when it is created.
Android Encrypt all data on phone Instructions Requires setting a screen lock PIN/password and is irreversible.

USB flash drives (data sticks)

Multi-platform

(see below for Windows-only encrypted data sticks)

IronKey

Corsair

Aegis

Partition or entire device encryption

IronKey

Corsair

Aegis

IronKey: Encrypted memory sticks that can be used with computers running Windows, Mac and Linux. Prices start at $89 for a 1 gb memory stick. Also listed on UCLA Med Center's website.

Corsair Flash Padlock®: Encrypted memory sticks that include a PIN pad on the data stick. Can be used with Windows, Mac and Linux. Prices start at $40 for an 8 gb memory stick. Also listed on UCSF Med Center's website.

Aegis Secure Key: Similar to Corsair, above. Prices start at $65 for 4 gb. Also listed on UCSF Med Center's website.

USB flash drives (data sticks)

Windows-only

BitLocker To Go - Windows 7 & 8 only Partition or entire device encryption

BitLocker To Go - Windows 7 (video instructions)

BitLocker To Go - Windows 8
BitLocker To Go for Windows 7 must be activated by someone with administrator privileges in order to be used. For Windows 8, BitLocker To Go is only available in Windows 8 Pro and Windows 8 Enterprise editions.
Secure email Send sensitive information securely

Please contact the ITS Support Center for options and assistance with sending sensitive information securely.

Rev. Aug 2014