Check Point Full Disk Encryption can be installed on the following operating systems:
Mac OS X 10.6
Mac OS X 10.7
Mac OS X 10.8
Once encrypted, if your desktop or laptop should be stolen or misplaced, the computer’s data will not be accessible. This protects the individuals who may have their sensitive information stored on your computer system, and protects the University by ensuring sensitive and confidential data are not released to unauthorized personnel.
While FileVault in Mac OS X 10.7 (Lion) and Mac OS X 10.8 (Mountain Lion) is a full disk encryption solution, it does not provide a centralized status update. A Mac computer with Check Point Full Disk Encryption will report the encryption status (but not any of the computer's data) to a centralized server. In the event that a computer with Legally Restricted data is stolen or lost, University IT can check the Check Point Full Disk Encryption status log to ensure the computer was encrypted. If this same computer had been encrypted with FileVault instead of Check Point, University IT would have no way to verify the computer was encrypted and the theft of Legally Restricted data would need to be reported. This could result in financial sanctions for the University or department responsible for the computer.
Encryption of Windows computers began in December 2007 and is now part of the standard configuration as required. Encryption of Mac computers began in May 2012. Your department’s coordinator will schedule installations on each computer.
Your IT support person will assist you with defragmenting your hard drive the day before your installation. This procedure is necessary to ensure an efficient encryption process.
Initial installation of the full disk encryption software takes less than a half hour. After initial software installation, the computer will encrypt the hard drive in an average of 8-10 hours, depending on your computer’s hard drive size. You may use your computer while it is encrypting.
You will not be required to change any behavior. You may notice a Check Point Encryption status bar appear when you first start your computer, but you will not need to change anything you currently do to access or use your computer.
Note that University policy requires that Legally Restricted Information be encrypted when stored outside of University data centers. This includes backup data that contains Legally Restricted Information. Check Point Full Disk Encryption will only encrypt internal disks and will not encrypt your Time Machine backup drive. In the event that you need to encrypt your Time Machine backup drive, University IT recommends that you use the built-in encryption ability of Time Machine. This can be done with the following procedure:
No, flash drives attached to your computer and CD/DVD’s created on your computer will not be encrypted using this technology. Only your internal hard drive will be encrypted. Please take special care when using flash drives and CD/DVD’s to transport sensitive and confidential information, and refer to Dr. Berk's memo on security of portable devices and media.
No, email will not be encrypted using full disk encryption. Please take special care when emailing sensitive and confidential information, and refer to Dr. Berk's memo on security of portable devices and media.
If you have any questions or concerns, please contact your local IT support representative or the IT Center at 275-2000.