OIS Security Bytes: Encryption Edition

UNC’s Office of Information Systems will be posting bite-size IT Security tips for our users. As IT security concerns become more a part of our everyday life, awareness is one of our best allies. This week's update discusses tips for protecting sensitive information on your devices. For more information, contact your local IT Support or chat with us at help.med.unc.edu

OIS Security Bytes: Encryption Edition click to enlarge Whole Disk Encryption does not prevent malware infections.

Laptop Encryption: No Panacea

At UNC, mobile devices that store sensitive information such as PII or PHI are required to be encrypted. Whole Disk Encryption (WDE) (via Symantec’s PGP, Microsoft’s Bitlocker, or Apple’s Filevault) serves to protect data in the event that the device is lost or stolen.

However, encryption does not guarantee the security of locally stored data in all events.

We have had several instances recently of malware infections on devices that were being used to store University data. Whole Disk Encryption does not protect data once you have logged into the device. It is, therefore, accessible to malware and viruses that get downloaded and installed incidentally. It is also available to other users if you leave the device logged in and unattended.  Lastly, family, friends, or colleagues who may not be familiar with technical safeguards or aware of the security risks involved when online can greatly increase the risk to university data to which you have access.  

As an extra layer of precaution, you are able to encrypt specific Microsoft Office documents by password protecting them with a strong passphrase. This can be useful for personal information or for data that is not necessarily sensitive, but should be protected none-the-less. More information can be found here.

Unfortunately, malware is becoming both more sophisticated and more persistent. Please remember: your local drive is rarely the best place to store University files. Please work with local IT Support to determine the best server for your data and instructions on how to access those servers both on and off campus. If you are not sure who to ask or if you have additional questions, contact us at help.med.unc.edu.

 For more information, please see this link.