Return to: U of M Home
Encryption is the conversion of data into a form, called ciphertext, that cannot be easily understood by unauthorized people. Decryption is the process of converting encrypted data back into its original form, so it can be understood.
Before using encryption programs, evaluate if it is absolutely necessary to store confidential or private data on this computer or mobile computing device (e.g., PDA or USB flash drive). Consult with your local technical support staff. If you need to store private data, take steps to encrypt the data to help prevent unauthorized disclosure of private data. For laptops, data encryption is just one of the required steps in the University's Securing Private Data Standard.
There is a variety of encryption software available for common operating systems. Some software encrypts the entire hard disk, while others have an option to encrypt specific files or folders on the hard disk. Some operating systems, such as Microsoft Windows and Apple Macintosh have an option to turn on the operating systems built-in encryption software. There are also some readily available data encryption products from third party vendors. Some are even free.
No matter what product you choose, here are some important reminders:
Below are options for various operating systems/media: Macintosh, Unix, Windows and USB flash drives.
Below are some products used within the University by some departments. Be sure to download the software from a reputable site and periodically check the vendor web site for security patches or updates that must be applied.
Product |
Windows Platforms |
Options |
Web site |
Notes |
|
Windows Encrypting File System (EFS) |
XP, Vista and 2003 |
Built into the Windows Operating System |
File and folder encryption. See Required Steps for EFS.
Files emailed or saved to external media are NOT encrypted. |
|
|
BestCrypt |
XP, 2000, Vista and 2003 |
Free trial, purchase |
virtual drive encryption | |
|
GNU Privacy Guard (open source version of PGP) |
XP and 2000 |
Free |
File and folder encryption * | |
|
PGP commercial |
XP, 2000, Vista and 2003 |
Purchase |
File, folder, whole disk or virtual disk encryption. Includes a feature to securely wipe or shred individual files. The gold standard of encryption, but more complex. | |
| Pointsec | Purchase, under state contract | http://www.checkpoint.com/products/datasecurity/index.html | Full disk encryption
State Contract (for University-owned computers): |
|
| SafeGuard Easy | XP, 2000 and 2003 | Purchase | http://americas.utimaco.com/safeguard_easy/ | Full disk encryption |
| SecureZip | XP, 2000, Vista and 2003 | Purchase | http://www.pkware.com/home_and_small_office/ products/windows/securezip/ |
File and folder encryption. |
|
TrueCrypt |
XP, 2000, Vista and 2003 |
Free |
Folder encryption, directory or virtual drive |
* With the Windows Privacy Tray for GnuPG, this allows for easy encryption, decryption and file shredding options. See http://www.gpg4win.org/.
Below are some products used within the University by some departments. Be sure to download the software from a reputable site and periodically check the vendor web site for security patches or updates that must be applied.
Product |
Macintosh Platforms |
Options |
Web site |
Notes |
|
Mac File Vault |
Mac OS X or higher |
Built into the Macintosh Operating System |
Folder encryption | |
| Mac GNU Privacy Guard | Mac OS X 10.1 or higher | Free | File and folder encryption | |
|
Pointsec |
|
Purchase, under state contract |
Full disk encryption State Contract (for University-owned computers): |
|
| TrueCrypt | Mac OS X | Free | http://www.truecrypt.org/ | Folder encryption |
Macintosh OS X has native 128-bit encryption, called File Vault. File Vault encrypts the contents for a user's home directory.
Note:
Be sure to download the software from a reputable site and periodically check the vendor web site for security patches or updates that must be applied.
Product |
Platforms |
Options |
Web site |
Notes |
| GNU Privacy Guard (open source version of PGP) | Unix, Linux | Free | File and folder encryption | |
| Pointsec | Linux | Purchase, under state contract | http://www.checkpoint.com/products/datasecurity/index.html | Full disk encryption
State Contract (for University-owned computers): |
|
SecureZip |
Unix, Linux |
Free trial, Purchase |
http://www.pkware.com/home_and_small_office/ |
File and folder encryption |
| TrueCrypt | Linux | Free | http://www.truecrypt.org/ | Folder encryption |
USB flash drives are available with encryption to protect the contents. As with all software, periodically check the vendor web site for security patches or updates that must be applied.
Other third party encryption software is also available to encrypt data on USB flash drives. Be sure to download the software from a reputable site and periodically check the vendor web site for security patches or updates that must be applied.
Product |
Options |
Web site |
Notes |
| PGP Commercial | Purchase | http://www.pgp.com/products/desktop/index.html | |
| Pointsec | Purchase, under state contract | http://www.checkpoint.com/products/datasecurity/index.html |
State Contract (for University-owned computers): |
| SafeGuard Easy | Purchase | http://americas.utimaco.com/safeguard_easy/ | |
|
TrueCrypt |
Free |
Note: The University of Minnesota has no business relationship and makes no endorsement of any product listed.