# Encryption Software Recommendation and Thoughts



## ClayPot (Dec 11, 2009)

Due to the nature of my work (university), there is potentially sensitive information on my computer. The university wants plausible deniability (i.e., if my laptop were stolen, they could say, "Hey, it was encrypted. We don't need to send letters to all 20,000 students saying their information may have been compromised and we are protected), or something like that. 

I need to encrypt two machines: a Windows Vista 64 bit machine and a Snow Leopard Mac Os 10.6 machine. 

There are many programs for encryption (and for encrypting various things like files, disks, containers, etc). For simplicity and security I was thinking of encrypting the entire operating system drive. I know this will slow things down, but there is less room for error in accidentally copying a file to the wrong location and leaving it unencrypted. TrueCrypt seems to be a good option for Windows. Does anyone have additional recommendations that are *free*? Also, is there a good *free* program that will do the same thing on my Mac? Other thoughts?


----------



## Semper Fidelis (Dec 11, 2009)

TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows 7/Vista/XP, Mac OS X and Linux


----------



## ClayPot (Dec 12, 2009)

Thanks Rich. It doesn't seem that this support full system encryption on a Mac? Do you (or someone else) think that this is overkill? There is a pay-for-use program called PGP WDE (whole disk encryption), but it doesn't seem to work on OS X 10.6.


----------



## Semper Fidelis (Dec 12, 2009)

jpfrench81 said:


> Thanks Rich. It doesn't seem that this support full system encryption on a Mac? Do you (or someone else) think that this is overkill? There is a pay-for-use program called PGP WDE (whole disk encryption), but it doesn't seem to work on OS X 10.6.



The OS doesn't have anything worth protecting. It is personally identifiable information that people care about.


----------



## Edward (Dec 12, 2009)

The university doesn't have data security policies and available software that they pay for and administer? Why would they even let you maintain sensitive data on your laptop? That's what servers and VPNs are for.


----------



## ClayPot (Dec 12, 2009)

Semper Fidelis said:


> jpfrench81 said:
> 
> 
> > Thanks Rich. It doesn't seem that this support full system encryption on a Mac? Do you (or someone else) think that this is overkill? There is a pay-for-use program called PGP WDE (whole disk encryption), but it doesn't seem to work on OS X 10.6.
> ...



Yeah, the problem is when you make an error and accidentally leave a sensitive file in an unencrypted location. I'll probably just use FileVault and be careful about having any sensitive information on my computer.

-----Added 12/12/2009 at 01:16:48 EST-----



Edward said:


> The university doesn't have data security policies and available software that they pay for and administer? Why would they even let you maintain sensitive data on your laptop? That's what servers and VPNs are for.



The university does have policies, but it's a little complicated. e.g., the policy only applies to PCs and Macs running OS X 10.5 or earlier. Linux machines and Snow Leopard machines aren't covered because there are no encryption programs available to do what they want. There is no privacy policy for any data on university owned computers which means 1. They want a backdoor into any university owned computer and 2. It's a bad idea to keep personal files in your university laptop!

As far as sensitive data goes, it could be something as trivial as an Excel spreadsheet with some student grades. If it has their name in the file (which of course is the easiest way to do it), then the file is "sensitive". The online gradebooks they have are okay, but can't do common things like drop the lowest three quiz scores and average the rest of the grades. Thus, one often needs to download the gradebook on your computer to make the necessary computations and then enter the data into the online gradebook. I always try to delete the information off my computer, but it can be difficult when you are using something a lot.


----------



## Edward (Dec 12, 2009)

Thanks. The folks I work for are very sensitive about data security, especially PII. I wouldn't think of putting data on a personal machine.


----------

