Virtru for sharing sensitive data on and off campus

Virtru products allow you to control access and encrypt sensitive data when sharing information over UCSC Gmail or through Secure File Share. You choose the sharing method that is best for you to help keep the university's most sensitive communications extra secure, and private to help prevent unauthorized access. 

Availability and cost

The Virtru Service is currently offered via a per-user license model with an annual fee of $80 per user.

Request the service

To initiate the licensing process for your team, please contact your department's supervisor responsible for purchasing licenses. Virtru license fees are charged to your department. This will be part of a standard software ordering process.

How it works

• Virtru for Gmail is integrated into the UCSC Google Mail inbox. Selectively encrypt emails sent from your ucsc.edu address. You can also prevent a forwarded email from being read, set an expiration date, and revoke the ability to read an email after it is sent. Use the Chrome web browser extension or #secure# in the subject line. Email recipients do not need to install Virtru to read or respond to your email. Learn how to use Virtru Plug-in for Gmail

• Virtru Secure File Share is a tool that allows you to send and receive encrypted files of nearly any size with individuals inside and outside of UCSC.  Learn how to use Secure File Share (google doc)

Why use Virtru

• Restrict, expire, and audit data access to mitigate breach risks
• Protect student and employee information even if the network is infiltrated.
• Enforce easy HIPAA, FERPA, and CJIS protection for all of your users
• Maintain compliance with regulations like CMMC
• Protect against unwanted government surveillance and cloud provider access

When to use Virtru

You only need to encrypt emails/files when you want to control access or that contain sensitive information. Not every email/file needs to be encrypted. 

For more about sensitive data you encrypt with Virtru, see UC Protection Levels for Institutional Information and review P3 and P4 protection levels.

Here are some examples of information you use with Virtru encryption:

• Protected Health Information (ePHI)
• Personally identifiable information (PII) such as name, birth date, and address
• An Excel spreadsheet or Google Document with names and unique names addresses, and student IDs
• Grades and other student education records
• Personnel information 
• Intellectual property

What NOT to encrypt using Virtru:

• Controlled Unclassified Information (CUI)
• Credit Card or Payment Card Industry (PCI) Information
• Federal Information Security Management Act (FISMA) Data
• Student Loan Application Information (regulated by GLBA)
• Email processed by tools such as ServiceNow, Perceptive Content. (Examples of such emails are help@ucsc.edu and Staff HR emails. ) 

Note: Encrypting collaborative files, such as Google Docs, Sheets, and Slides requires a different product. Please contact help@ucsc.edu for further information. 

Who should use Virtru

Students, faculty, staff, University Health Services, campus police, alumni donors, research centers, Registrars, disciplinary committees, advisors and department managers, Staff HR and Legal Counsel are only a few examples of our community who can use Virtru to share data securely and keep sensitive communications private and compliant.

Encrypted Record Guidelines

Electronic messages sent or received in the course of conducting UC business are administrative records subject to university records policies, guidelines, and retention schedules. Encrypted Record Guidelines