Encryption

 

Every day, staff and students across DIT rely on information to achieve their teaching & learning, research, and administrative goals. However, any data that can be considered personal to a living individual (such as name, address, grades, etc.) must be protected in accordance with the Data Protection Acts (1988, 2003). This tenet is reflected in the IT Security Policy, approved by SLT in 2010, which notes:

“… all personal or confidential information being taken for use by authorised staff outside the Institute must be encrypted using an Information Services-approved encryption service.”

Achieving compliance is a significant challenge given the proliferation of data across both DIT and personally-owned laptops, phones, and USB keys, as well as cloud storage solutions. However, the greatest risk of a data breach continues to be a lost or stolen laptop or phone that was not encrypted. Therefore, ICT Services has 3 solutions available to support encryption of DIT devices-

McAfee Endpoint Encryption: for DIT laptops running Windows

Apple FileVault: for DIT laptops running Apple OS X

Microsoft InTune: for DIT mobile phones and tablets running Android, iOS, and Windows 

In addition, HEAnet Filesender provides a secure way to share large files with anyone

 

Laptop encryption

To get your laptop computer encrypted, contact the Service Desk at https://mysupportdesk.dit.ie or ext. 3123. The process for encrypting a laptop could take up to 1 day depending on the amount of data stored. The process involves first making a backup of the data and checking the hard drive for errors before installing the McAfee software. The laptop will run a little bit slower for the initial encryption of the hard drive. Thereafter, the impact on performance will be minimal. Laptops that are older than 5 years may have a more noticeable impact.

If you use a personally-owned laptop for DIT-related business then you still need to protect the data from loss or theft. Options to encrypt your laptop include Microsoft BitLocker and Apple FileVault. For whichever product you choose to use, make sure that it is a reputable product. Please note that ICT Services are unable to provide support for encryption on personally-owned laptops.

Mobile encryption

To get your DIT mobile phone or tablet encrypted, contact the Service Desk on 3123 or support@dit.ie to request access to the Microsoft InTune Mobile Device Management solution. Once you have been assinged a license, you can download the InTune app from the appropriate App store and encrypt your DIT mobile devices. Details on how to do this are available from the InTune installation guide below.

USB memory stick encryption

To be able to encrypt memory keys (USB sticks), you need to get the McAfee client installed on your PC. Contact the Service Desk on 3123 or support@dit.ie with details on the name of your computer so that the client can be pushed to your PC. Thereafter, each time you insert a key, you will be given a prompt to encrypt it. This is of benefit to colleagues who wish to encrypt a number of keys for sharing within their department. Further information is available from the McAfee USB key encryption installation guide. Please note it is not possible to recover data from a corrupted memory key, and files should never be stored only on a USB stick.

Office 2013 document encryption

Office 2013 or later, which includes Word, Excel, Powerpoint, etc., includes a facility for appropriately strong encryption of documents which is a convenient way of sharing confidential documents over email or on shared folders. Just to note that the encryption functionality in Office 2003 or earlier is easily broken and should therefore not be used for protecting documents. If you are running a version of Office earlier than 2013, then please contact the DIT Support Desk or your College IT Support service to request an upgrade

What to do if your laptop or phone is missing

Where devices storing DIT-owned data are lost or stolen, the DIT data security breach management guidelines must be followed in order to reduce the impact of the breach. This is regardless of whether the device is personally-owned or DIT property. For immediate steps on what to do if a device is lost or stolen, follow the procedure below. 

Related Information

Back to Top

     Find us on Facebook      Follow us on Twitter      Follow us on LinkedIn

Member of the European University Association