Encryption is on the way

What is encryption?

Encryption protects your information from being accessed by unauthorised people. Many of us carry around smartphones, tablets and laptops containing a mixture of personal and University information. By encrypting mobile devices and laptops information will be protected from falling into the wrongs hands. Please see our website to find out more about encryption and how it works.








New encryption services for the University

As part of the Information Security Framework programme there are two encryption projects under way; one project will enforce encryption services for mobile devices (smartphones and tablets) and the other will provide encryption for University owned laptops and managed workstations.

Exchange ActiveSync Project

This project will implement an encryption feature to secure University and personal information held on mobile devices against unauthorised access with an automatic encryption policy being enforced on 7th July 2015. All University staff members connecting to Office 365 via a personally owned, or University owned, smartphone or tablet will be required to have encryption enabled. Should individuals choose not to enabled encryption they will no longer be able to remotely access work emails or calendar via their mobile device.

Apple devices using iOS 6 (or above) are fully encrypted by default and staff members with these devices will not need to activate the encryption function on their device. Guidance to help Android, Blackberry and Windows device users is currently being written and this will be available in early June. We recommend that these users activate encryption on their devices before the ActiveSync encryption policy is enforced in July. After referring to the guidance (to be provided) device users requiring further assistance should refer to their LCR or IT Services.

Encryption ‘Sophos SafeGuard Enterprise’ Project

The second project will be delivered in 2 phases, as detailed below.

Phase 1

Will provide full disk encryption (FDE) for University owned laptops to protect against the unauthorised access of stored data. It will also allow for information files to be encrypted to enable staff to securely store and share Classified, Highly Confidential (C1) and Confidential (C2) files. This will benefit staff members wishing to send confidential information via email. The project team will shortly be running a pilot with a selection of users before expanding the service across the University early in 2016.

Phase 2

Will provide full disk encryption (FDE) for University managed workstations to protect against the unauthorised access of stored data. As above it allows for information files to be encrypted to enable staff to securely store and share Classified, Highly Confidential (C1) and Confidential (C2) files (e.g. via email). It is planned to roll out this functionality across the University mid to end of 2016.

Coming up next…

The Information Security Framework team will update the current Information Classification and Handling guidance to reflect the new mobile device enforced encryption policy and staff will be advised via Blas when the guidance is available to support them to enable encryption on their devices.

For regular updates and useful information security news please follow us on Twitter @CU_InfoSec.