Virtru for sharing sensitive data on and off campus

Virtru products allow you to control access and encrypt sensitive data when sharing information via UC Santa Cruz Gmail or Secure File Share. Choose the sharing method that best suits your needs to ensure the university's most sensitive communications remain secure and private, helping to prevent unauthorized access.

Availability and cost

The Virtru Service is currently offered via a per-user license model with an annual fee of $80 per user.

Request the service

To initiate the licensing process for your team, please contact your department's supervisor responsible for purchasing licenses. Virtru license fees are charged to your department. This will be part of a standard software ordering process.

How it works

• Virtru for Gmail is integrated into the UCSC Google Mail inbox. Selectively encrypt emails sent from your ucsc.edu address. You can also prevent a forwarded email from being read, set an expiration date, and revoke the ability to read an email after it is sent. Use the Chrome web browser extension or #secure# in the subject line. Email recipients do not need to install Virtru to read or respond to your email. Learn how to use Virtru Plug-in for Gmail

• Virtru Secure File Share is a tool that allows you to send and receive encrypted files of nearly any size with individuals inside and outside of UCSC.  Learn how to use Secure File Share (google doc)

Why use Virtru

• Restrict, expire, and audit data access to mitigate breach risks.
• Protect student and employee information even if the network is infiltrated.
• Enforce HIPAA, FERPA, and CJIS compliance for all users.
• Maintain compliance with regulations such as CMMC.
• Protect against unwanted government surveillance and cloud provider access.

When to use Virtru

Encrypt emails and files only when you need to control access or when they contain sensitive information. Not every email or file requires encryption.

For more information about the types of sensitive data you should encrypt with Virtru, please review the guidelines for P3 and P4 data on the data protection levels page.

Examples of data to encrypt with Virtru:

• Protected health information (ePHI)
• Personally identifiable information (PII) such as name, birth date, and address
• Excel spreadsheets or Google Documents containing names, addresses, and student IDs
• Grades and other student education records
• Personnel information 
• Intellectual property

If your data type is not listed and you are unsure whether it needs to be encrypted, please consult the ITS Support Center for guidance.

Avoid encrypting the following types of data with Virtru:

• Controlled unclassified information (CUI)
• Credit card or payment card industry (PCI) information
• Federal information security management act (FISMA) data
• Student loan application information (regulated by GLBA)
• Email processed by tools such as ServiceNow, Perceptive Content. Examples of such emails are help@ucsc.edu and Staff HR emails.

Note: Encrypting collaborative files, such as Google Docs, Sheets, and Slides requires a different product. Please contact the ITS Support Center for further information. 

Who should use Virtru

• Faculty
• Staff
• Students
• Student health centers
• Campus police
• Alumni donors
• Research centers
• Registrar
• Disciplinary committees
• Advisors and department managers
• Staff HR
• Campus Counsel

These are just a few examples of members in our community who can use Virtru to share data securely, ensuring that sensitive communications remain private and compliant.

Encrypted Record Guidelines

Electronic messages sent or received in the course of conducting UC business are administrative records subject to university records policies, guidelines, and retention schedules. Encrypted Record Guidelines