Yes! While we do not anticipate having any problems during the encryption process, it is always a good practice to back up your data to an encrypted removable storage device and verify it for accuracy before encrypting your laptop. If you need assistance with your backup, please contact Support.

Occasionally, there is a minute reduction in computer speed after encryption. In general, this is unnoticeable on all but very old devices, such as those more than four years old.

Devices encrypted with BitLocker Drive Encryption and FileVault 2 will not require any additional steps to access your data. Both encryption solutions are native to Windows and OS X, respectively, and require no additional logins. Legacy devices encrypted with PGP will require an additional password when first powering on your device. This separate password ensures only you can access your encrypted data. You can assign a separate password for this purpose but it can be the same as the CWID password you normally use to log into your computer.

It takes about 15 minutes to install the encryption software, and then between 4 and 10 hours to finish the encryption, during which time you can use your computer normally. After the initial encryption is complete, the encryption should not disturb you while you work.

Yes! Many types of encryption software do not encrypt the entire drive, but the ITS-managed encryption solutions utilize whole disk encryption, which means every sector of your hard drive will be encrypted.

The latest revision to the ITS Device Encryption policy (11.06) now requires that all tagged desktops are encrypted with the ITS-managed encryption solution.

ITS recommends Macintosh users upgrade to OS X 10.7 Lion or higher. Encryption solutions for previous versions of OS X, such as the original version of FileVault, do not provide whole disk encryption and are not compliant with the Device Encryption policy. We also recommend that Windows users upgrade to Windows 7 or higher.

ITS uses Microsoft's BitLocker Drive Encryption for devices running Windows 7 or above and Apple's FileVault 2 for devices running Macintosh OS X 10.7 Lion or above. Both of these encryption solutions are native to the respective operating system and offer significant improvement in system performance. Symantec's Pretty Good Privacy (PGP) is being phased out and may only be used to support legacy devices requiring encryption. Mobile devices, such as tablets and smartphones, are encrypted using native device encryption that is enforced by our mobile device management solution.

For any ITS-tagged laptop, encryption is provided at no additional charge. We are available to assist and provide "best effort" support to encrypt untagged devices that meet our hardware requirements. Users are strongly encouraged to make an encrypted backup of the device data and verify it for accuracy and completeness.

All devices tagged by ITS and used for WCMC purposes must be encrypted using an ITS-managed encryption solution unless otherwise exempted as defined in the ITS Device Encryption policy (11.06). This is to help protect you if you store, send, or receive any of the following types of confidential data, such as:

• Social Security Numbers
• Financial information, such as credit card and bank account numbers
• Protected Health Information as defined by HIPAA
• Research information
• Other WCMC-proprietary information

Many people receive and store this information on their devices, even if they do not realize it, which is why we are mandating encryption on all tagged devices across the institution. The full definition of confidential data can be found in the ITS Data Classification Policy (11.03) and the ITS Device Encryption policy (11.06).