Securing and Encrypting Mobile Phones & Tablets

Any smart phone or tablet should be encrypted and password protected. Please note that a pattern or 4 digit pin does not count as a strong password. Devices with fingerprint readers can be used as long as they are also secured with a strong password.

Windows Phones recently have been coming pre-encrypted, which is great, however the options for setting a strong password have been hidden from the standard interface. It is still possible to enable but requires the use of an ActiveSync policy to enable. If you have a Windows Phone please contact the Department of Medicine IT Services so we can assist with this process.

Securing and Encrypting Thumb Drives & Portable Storage

Portable storage devices should be encrypted and password protected. The best option is a pre-encrypted drive, such as Kingston’s DataTraveler Vault Privacy series. These devices are cross platform, meaning that the encryption software works both with Windows and Mac OS X. Alternatively Windows has a built in option called BitLocker 2 Go which can be used on portable devices and Macs can also use FileVault on USB drives, however by doing so we restrict the device to the platform of the respective encryption option.

For assistance in setting up encryption on your thumb drive or portable storage please visit one of the Department of Medicine IT Kiosk’s, the kiosk schedule is located here. If you cannot make it to a Kiosk event please feel free to contact us for individual help.

Securing and Encrypting Windows Laptops & Desktops

Windows laptops used for any work purpose must be encrypted . The Department of Medicine IT also recommends encrypting desktop workstations for extra protection. Desktops that are not secured with encryption should be secured with a security lock (example) and a strong password.

The primary encryption method for Windows is BitLocker, which is available to devices with a TPM chip and running Windows 7 Enterprise/Ultimate, Windows 8/8.1 Pro, and Windows 10 Pro/Enterprise. Computers that do not meet those requirements can be encrypted with Symantec Endpoint Encryption, a third party software encryption. The recommended option is a computer with a TPM chip and BitLocker when possible, which provides a better user experience and easier manageability.

For assistance enabling encryption on a Windows laptop please visit one of the Department of Medicine IT Kiosk’s, the kiosk schedule is located here. To enable encryption on a desktop or if you cannot make it to a Kiosk event please feel free to contact us for individual help.

Securing and Encrypting Mac Laptops & Desktops

Mac laptops used for any work purpose must be encrypted. The Department of Medicine IT also recommends encrypting Mac workstations for extra protection. Desktops that are not secured with encryption should be secured with a security lock (example) and a strong password.

The primary method of encrypting Mac OS is FileVault, which was introduced in OS 10.3 however the Department of Medicine IT strongly recommends upgrading to OS 10.7 or newer before enabling FileVault.

For assistance enabling encryption on a laptop please visit one of the Department of Medicine IT Kiosk’s, the kiosk schedule is available at the top of this page. To enable encryption on a desktop or if you cannot make it to a Kiosk event please feel free to contact us for individual help.