Northeastern Illinois University is committed to safeguarding student, employee, and other business data. One of the ways to protect data is to provide hard disk encryption on all employee computers (desktops and laptops).
The best way to protect sensitive data is to store it in secure storage areas provided by the University, such as the shared network drives/folders or Google Drive where access is restricted and secure and data is backed up regularly. However, there are situations where data is stored on desktops or laptops to support work, and hard disk encryption provides security for such data.
Encryption on a computer's hard disk makes it difficult to access the data stored on the computer without the right access privileges or decryption keys. If a device is lost or stolen or there is an online threat to gain unauthorized access, the data stored on the device is protected due to encryption. This will reduce the possibility of a data breach and help protect individuals and the University from adverse circumstances.
Encryption works by scrambling real data and converting it to a non-readable format. The University provides full hard disk encryption which works by encrypting the hard disk of the computer including files, the operating system, and applications on the computer.
Limitations
Hard disk encryption only protects files while they are on your computer. Hard disk encryption will not apply to files:
- shared via email;
- transferred to or stored in shared network drives/folders or Google Drive.
An encrypted file will no longer be encrypted when it leaves your hard disk unless transferred to another encrypted hard disk or encrypted USB drive.
If an encrypted computer is left unlocked and unattended, anyone close to the computer can access the data stored and encryption will not protect against unauthorized access.
Note: Information on how to maintain file encryption for different use cases will be available in due course.
Operating systems and approved encryption software
The following are the supported operating systems for hard disk encryption:
- Windows OS 10 and up: Dell Encryption
- Mac OS 10.14.6 and up: Mac FileVault. See Knowledge Base.
Data Backup
Usually, hard disk encryption will not impact how you access your files or corrupt your files, but it is important that you back up your data before enabling hard disk encryption. To learn how to back up your files or to get support, email helpdesk@neiu.edu or follow the data backup user guide.
Encryption on employee-owned computers
Enabling hard disk encryption to protect data is good practice at home or work. If you wish to enable encryption on your personal computer, please see the user guide below for Windows and Mac computers:
- Windows: Turn on device encryption
- Mac: Encrypt Mac data with FileVault
FAQ
Windows Computers
How long will the installation take?
A few minutes between 5-10 minutes. After this, your computer will reboot or you may be asked to restart your computer. The encryption process will start after the computer is restarted.
What happens if my computer shuts down or restarts during installation?
Like any software installation, shutting down or restarting your computer will stop the encryption software installation and you will need to start the process again.
Will I be able to continue working during the software installation?
No. You will not be able to work for 5-10 minutes during the installation.
Will I be able to continue working during the encryption process?
Yes. The process will run in the background and should not affect your work.
Will encryption affect how I access my files?
Encrypting data does not restrict the ability of a user to view, create, change, rename, copy, move, share, or delete their files and folders as usual.
Will I be able to share encrypted files with others?
It depends:
Yes, if the encrypted files are shared with USB drives. When transferring files from an encrypted hard disk to a USB drive, you will be prompted to encrypt the USB before files can be transferred.
No. Encrypted files shared via email or transferred to the shared network drives/folders or Google Drive will lose encryption. Encrypted files will only remain encrypted when they are stored on an encrypted hard disk or USB drive.
MAC Computers
How long will the installation take?
After about a minute, the computer will restart. When you log into the computer, it will ask you to confirm encryption. The entire process should not take longer than 2-3 minutes to complete.
Will I be able to continue working during the software installation?
No. You will not be able to work during the installation.
Will I be able to continue working during the encryption process?
Yes. The process will run in the background and should not affect your work.
Will encryption affect how I access my files?
Encrypting data does not restrict the ability of a user to view, create, change, rename, copy, move, share, or delete their files and folders as usual.
I do not have a Self-Service application in my Applications folder.
Please contact helpdesk@neiu.edu or (773) 442-4357 and a technician will check if your Mac is currently enrolled in our Mobile Device Management system.
I do not see the Encrypt My Computer icon in the Self-Service application.
There are several possible reasons why you do not have the FileVault Disk Encryption - NEIU:
-
Did you previously run the Novell Migration & Login Improvements? If you haven’t, you may need to do so. It can be run via the Self-Service application.
-
Are you logging into the computer with a generic account or is a generic account currently on your computer? You can check by going into the System Preferences / Settings —> Users & Groups. The generic account may be named neiustaff. If so, please contact the Help Desk and a technician will either rename the account or, if the account is not being used, will remove the account.
-
Your Mac may also need to be re-enrolled into our Mobile Device Management system. Please contact the Help Desk to inspect or troubleshoot the issue
How is this process different than if I were to turn on FileVault manually?
It is essential that the Self-Service process is used. This process will escrow a digital security key with our management system and allow the Service Desk technicians to troubleshoot technical issues and assist with unlocking the computer if the password is forgotten.
Does encryption change how I use my password to log in?
After your computer has been encrypted, the computer will prompt you to enter your computer password before completing boot up. If your computer password is the same as your NetID password, the computer will automatically log you into the NEIU network after you log into the computer.
If the two passwords are different (not synchronized), the computer will prompt you to synchronize the two by entering both your NetID password and then your computer password. This will change your computer password to match your NetID password.
Will I be able to share encrypted files with others?
You can share your files with others but any files which leave your computer will no longer be encrypted.