College Data on New Laptop Computers Now Protected With Encryption

Have you ever wondered what kind of data you would lose if your laptop somehow ended up in the wrong hands?  Do you have years of course data and development stored on it? Research data? Financial information? Confidential correspondences?  How about personally identifiable information (names, addresses, birth dates, etc.) for yourself or others?

 

When we think of the security of data on SUNY Oswego-owned employee computers, laptops can be the most vulnerable due simply to their small size and mobility.  This is why all new PC laptop computers received by the College are now being encrypted. This means if your laptop were to be lost or stolen, data would not be accessible without your Laker NetID or a digital recovery key.  

 

How does it work?

The encryption occurs using a technology that comes built-in to Windows 10 called Bitlocker.  As data is added to or modified on the hard drive, Bitlocker encrypts it. When it needs to be read, Bitlocker decrypts it.  This is all transparent and seamless to the user. In most cases, the user won’t even notice a difference between using an encrypted laptop vs. an unencrypted laptop.

 

There are some situations when Bitlocker needs to confirm it is in the proper hands.  In these situations, a digital recovery key consisting of a string of numbers and characters will be required.  While this key can be retrieved by calling the Help Desk, there may be times in which the key is needed when business is closed.  Therefore, please keep this key in Google Drive where it can be further protected and accessed only by you should you need it. At the time a new laptop is delivered to an employee, our technician will assist in saving the key.

 

The situations in which the key may be required include:

  • A forced shutdown of the machine

  • Hardware replacements/mechanical failures such as a new disk drive

  • Booting from external devices or into safe mode

  • Firmware upgrades

  • Windows updates

 

Please do not store the key in non-digital formats such as on paper stored in a laptop bag.  If the laptop bag is stolen, the key can be used to access data.



What about encryption for Macs?

On the Mac side, laptops are also being encrypted using FileVault.  It works in a similar manner as Bitlocker where it generates a key. This key should also be stored in Google Drive for safe keeping.  

 

What about desktop computers?

At this point, desktop computers for both PCs and Macs are not being encrypted.  Further discussions will take place in the future to evaluate the need for desktop encryption.



Photo from: https://www.pexels.com/photo/black-android-smartphone-on-top-of-white-bo...