How does Secure Remote Archive work?
Secure Remote Archive works through a combination of a web client and a small server software running on the user's computer. This allows unattended background transfer of very large number of files of any size.
The transfer occurs between endpoints, which are basically storage places. Typically, one endpoint would be the Remote Archive, which is located in Ithaca, and the other endpoint would be your computer.
What is the Information Security Breach and Notification Act? What does encryption have to do with it?
The Information Security Breach and Notification Act, or ISBANA, is a New York State regulation that requires institutions such as WCMC that believe social security numbers, bank information numbers, or credit card numbers were stolen or lost from computers they own or operate (such as laptops, mobile devices, or desktops) to publically report the theft or loss to every individual affected. This is an expensive and timely process that could adversely affect the reputation of WCMC.
WCMC is requiring encryption in order to implement extra security safeguards in the event of theft or loss. Lost or stolen encrypted devices are not subject to the notification requirement of the ISBANA regulations.
I've already encrypted my device on my own. Do I have to use the ITS-managed encryption solution?
Yes. In order to properly secure and protect the information stored on your tagged device, an ITS-managed encryption solution must be used.
How does encryption work?
There are many types of encryption but the basic concept is to encode information (data) so that only those with the right "key" can decode and use it. Keys can be any random string of letters and numbers. For more information about the various encryption solutions used by ITS, visit the links below:
Why and how do you verify my identity if I forget my password?
We verify your identity because we want to ensure you are who you say you are before we give you a password or enter a recovery key to provide access to your data. We do not want someone who has stolen your laptop to circumvent our encryption system by claiming to be you. Prior to encrypting your device, you will be required to sign up for the myPassword management system. You will be asked to answer 5 questions about yourself (i.e., what is your favorite color?, what city were you born in?, etc.). If you forget your password or need a recovery key, the Service Desk will ask you for the answers to some of these questions. Once you have answered them successfully, we will work with you to recover your data as described above. If you cannot remember the answers to your questions, we will require that you visit us and show an ID or, if that is not possible, fax a copy of your ID to us for verification.
What happens if I forget my password? Will I be locked out of my data forever?
No. By utilizing an ITS-managed encryption solution, the recovery keys are securely stored in a central system. If you need to recover your data on devices encrypted with BitLocker or FileVault 2, you will need to contact the Service Desk to validate your identity. A technician will then enter the recovery key to allow you to decrypt and access your data.
If you forget your password on a legacy PGP-encrypted device, you will need to contact the Service Desk and validate your identity. Once your identity is confirmed, the Service Desk will issue you a temporary (usable only once) password and then help you change it to something only you know.
Can I encrypt the device myself?
Yes, but due to compatibility with different types and versions of operating systems, we recommend choosing removable storage devices that are pre-encrypted that are compatible with nearly any computer. ITS is available to assist in choosing a compatible pre-encrypted drive.
I store confidential data on a removable storage device (USB thumb drive, external hard drive, etc.). Can I encrypt my removable storage device using BitLocker or FileVault 2?
Yes, but due to compatibility with different types and versions of operating systems, we recommend choosing removable storage devices that are pre-encrypted that are compatible with nearly any computer. ITS is available to assist in choosing a compatible pre-encrypted drive.
Should I back up my computer before it is encrypted?
Yes! While we do not anticipate having any problems during the encryption process, it is always a good practice to back up your data to an encrypted removable storage device and verify it for accuracy before encrypting your laptop. If you need assistance with your backup, please contact Support.
Will my computer run slower once it is encrypted?
Occasionally, there is a minute reduction in computer speed after encryption. In general, this is unnoticeable on all but very old devices, such as those more than four years old.
