On this page:
Encryption is the conversion of data into a form called ciphertext, that cannot be read by unauthorized people. There are different forms of encryption for files, including whole disk encryption and per-file encryption. Both can be used to help protect your data from being compromised or exposed.
- Encryption at MIT
- For more information on how to classify and secure your information, see Information Protection @ MIT.
Enable whole disk encryption on portable devices (laptops, tablets, phones) and for high risk data additionally on portable media (USB drives). This protects your entire device, and lets you unlock it with a password.
- Enable FileVault (whole disk encryption) on OSX 10.9 and up
- Enable FileVault on external disks
- Enable FileVault (whole disk encryption) on Time Machine backup drives on OS X 10.9 and up
- PGP Desktop
- How do I protect my portable hard drive and USB drive using PGP Desktop? Do I use the same PGP key?
- How do I use MIT's PGP Desktop for Windows to whole disk encrypt external storage drives?
- BitLocker FAQ
- Enabling BitLocker - Managed Computers
- Enabling BitLocker - Unmanaged Computers
File level encryption is the encryption of a single file for sharing that can be decrypted using a key. Use file level encryption when sharing high risk files on platforms like email, Dropbox, and Slack. Encryption keys must be shared via another method. Sending them with the files you've encrypted isn't offers no protection against compromise when the files and the key to decrypt them are kept together.
- Contact the IS&T Computing Help Desk