Search

   
Laptop/Desktop Encryption Minimize    

Laptops

In compliance with a directive by The University of Texas System (UTS) Board of Regents, and UTS 165 Information Resources Use and Security Policy, all University of Texas at El Paso (UTEP) owned/leased laptops must be fully encrypted by August 31, 2012. As with most portable devices, laptops are at a high risk of being lost or stolen. The portability of these laptops poses a significant risk to exposure of confidential information stored on them. It is imperative that all employees know that confidential data must not be downloaded to a portable or personally-owned device without the express permission of the data Owner, and that any such data must be encrypted using Institutional ISO approved methods. Encrypting these devices will make it unfeasible for unauthorized retrieval of this information should a device be lost or stolen.

The encryption process will provide full-disk encryption by a government-certified product. What this means is that the contents of the entire hard drive will be made unreadable to unauthorized users.

Travel Abroad

If you are planning to travel abroad on University business please contact the ISO and complete the following form, Approval to Decrypt Device for Travel (PDF), if you are considering taking your University-owned device with you. Some countries are not participating states in the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies thus requiring certain items to be restricted. Data considered an Information Resource to UTEP or otherwise Confidential, Sensitive, or Controlled in nature shall not be transported out of the United States.  If traveling with a laptop or other mobile device to a non-participating Country, the device MUST be decrypted before you travel. Laptops for this purpose may be checked out at the Library-Technology Support Center (restrictions may apply).  Countries with signed Export Agreements allow encrypted devices into and out of their countries. Please note that you will need to seek approval from your Dean, Director, or Chair to remove the device off campus (Authorization to Remove Equipment Off Campus).  Additionally, an Export Control Acknowledgement and Certification Form will need to be submitted to the Chief Information Security Officer (CISO) and Office of Research and Sponsored Project (ORSP) at security@utep.edu.

Desktops

The University of Texas System Chief Information Security Council is asking that all institutions use their recommended approach to addressing desktop encryption in the comingmonths. This approach takes into account risk and the need to spread costs and staff efforts over time. In short, the requirement is that 1) all high-risk desktop computers be identified and encrypted no later than May 31, 2014, and 2) beginning September 1, 2013, all newly purchased computers be encrypted prior to deployment. This is a measured approach that will result in all high risk desktop computers being encrypted within a year and lower risk computers being encrypted as existing computers are replaced.

Project Details

Laptops

The project consists of a number of phases; these included, campus awareness, gathering a comprehensive and up-to-date inventory of all portable devices used to conduct university business, training, etc… More information on the project can be found here

Desktops

The project will consist of a number of phases, some of which will include identification of high-risk desktops, priority and order in which the high-risk computers will be encrypted, training, reporting requirements, etc. More information will be available once the project plan is finalized.

Survey

Laptops

Help us meet compliance by completing a simple survey if you use a university own laptop, and/or use your personal laptop for university business

Desktops

The ISO will again be asking for your assistance in identifying all university owned/leased computers, as well as helping to identify high-risk computer systems. There are three circumstances that will indicate whether a desktop computer is high risk: Based on Location; Based on Business Function; and Based on Role of User. Please note that this criteria is not all inclusive.

Encryption Exception

Laptops

Exceptions for the encryption will be considered only in rare situations. The exception request will be routed for approval to UTEP's Chief Information Security Officer (CISO). For more details on acquiring an exception for a laptop, please click here: Device Encryption Exemption Form

Desktops

There may be circumstances that prevent the use of encryption of some computers. In such situations an exemption will be considered. Desktop computers that meet the following criteria do not require encryption as they do not retain data: have controls in place such as "Deep Freeze" to enfore data wiping after each use; Kiosk computers designed not to store cata locally; network bootable computers designed with no local hard drives; virtual desktops for which the hypervisor is a secure 'cloud service' and does not permit transfer of the virtual image (if hypervisor itself is a desktop computer, then the desktop itself should be encrypted; and thin clients that have no local storage.

NOTE:

The Exemption Process outlined applies also to exemption requests for laptop computers and mobile devices that are University owned or are personally owned but that contain University information that meet requirements for encryption.

Frequently Asked Questions

Laptops

Please visit the laptop encryption Frequently Asked Questions (FAQs) section. This site will be updated as additional information is available

Desktops

For more information regarding desktop encryption please visit the following sites: Desktop Encryption Requirements and Frequently Asked Questions (FAQs); and Personally Owned Computer Encryption Notice