Encryption protects the people whose information we collect and manage, while protecting UVM from significant liability.
Encryption encodes information in a way that only someone knowing a secret key can read it. If you store sensitive or confidential information — what UVM calls “Protected University Information”[1] — anywhere but on password-protected UVM servers, it must be encrypted. Laptops, smartphones, iPads, tablets, and even USB drives can be encrypted, often quite easily and conveniently. The encryption requirement applies to backups and “temporary” storage as well. For example, an external hard drive must be encrypted if it is used to transfer files containing Protected University Information from an old computer to a new one.
Need help? Contact the ISO Team at iso@uvm.edu.
[1] See UVM’s Information Security Policy: http://www.uvm.edu/policies/cit/infosecurity.pdf