Encrypting computing devices

The Faculty of Science expects all UBC-owned laptop computers (as well as all personally-owned laptops used to store or access UBC information) to have their contents encrypted in order to safeguard any Personal Information which may be stored on these mobile devices now or in the future.  

Other mobile electronic devices used to store any personal information (PI) must be encrypted, including devices where unencrypted email communications between yourself and students are stored. This includes laptops, tablets, and phones.
  1. UBC has new information security standards which affect all faculty and staff (including graduate students or UTAs who store student information on devices). One of these standards, Policy #104 (pdf), addresses the storage of personally identifable information such as student numbers, grades, employee information. 
  2. UBC has identified a legal obligation to ensure that confidential information is protected from unauthorized access, use or destruction. 
  3. Encrypting devices is the most effective way of mitigating this risk to confidential information. 
  4. Mobile devices (ie laptops, tablets, smartphones, USB thumb drives) containing confidential information have been identified by UBC as being the highest risk for compromise, due to theft or loss, so will be our priority for encryption in the department.

More information on encrypting devices can be found on the UBC Privacy Matters site.

Laptops

There are four choices are available to department members for laptop encryption:
 
OPTION 1 - Backup and encryption completed by the PHAS-IT staff for Mac and Windows PCs.  This may require surrendering the laptop to the IT staff for several days.
 
OPTION 2 - Self encrypt your mobile device, using software built into the operating system. Here are our recommendations for Mac,  Windows, and Linux PCs.
 
OPTION 3 - Apply for a personal waiver from the Department Head stating the business case reasons for not encrypting your device containing personal information and a risk mitigation plan for theft or loss.
 
OPTION 4 - No encryption: only if the mobile device contains no personally-identifiable information. This means that it cannot store department or university email (i.e. using webmail only, used for research only), student assignments, graduate student progress assessments, or other related material.
 

Other Mobile Devices

Please contact PHAS-IT for help with encrypting other mobile devices.