Policies and documents
Guidance on Data Encryption
When should data be encrypted?
Confidential or sensitive data such as personal information that is stored and transmitted on portable devices such as laptops should be secured against unauthorised access.
Historically, passwords have been considered sufficient to protect portable devices. However, it is now recommended by the Information Commissioner to “encrypt any personal information held electronically that would cause damage or distress if it were lost or stolen”.
If you are unsure if the data you need to store or transmit using a portable device should be encrypted, please contact ILS and the Data Protection Officer for further advice. ILS recommend full laptop encryption, and provide this service free of charge. ILS also recommends a backup copy of the data be held on an encrypted USB device. ILS can provide a DataShur Encrypted USB Stick should this be a suitable solution.
Essential Information about the use of Encryption
- You should keep a master copy of any encrypted data on the university network.
- You should only take confidential or sensitive data off-site where it is essential.