Frequently Asked Questions
- What types of computers can be encrypted?
- Why encrypt the computers?
- Why should I use Check Point Full Disk Encryption instead of FileVault on my Mac?
- When will we begin encrypting computers?
- Do I need to do anything before encryption can begin?
- How long does it take to encrypt?
- Will I need to do anything differently after encryption?
- Will Check Point Full Disk Encryption encrypt my Time Machine backup drive?
- Will external data devices like jump drives or CD’s made from my computer be encrypted?
- Will my email be encrypted during this process?
- What if I have questions about full disk encryption?
Check Point Full Disk Encryption can be installed on the following operating systems:
Mac OS X 10.6
Mac OS X 10.7
Mac OS X 10.8
Mac OS X 10.9
Once encrypted, if your desktop or laptop should be stolen or misplaced, the computer’s data will not be accessible. This protects the individuals who may have their sensitive information stored on your computer system, and protects the University by ensuring sensitive and confidential data are not released to unauthorized personnel.
While FileVault 2 in Mac OS X 10.7 (Lion), Mac OS X 10.8 (Mountain Lion), and Mac OS X 10.9 (Mavericks) is a full disk encryption solution, it does not provide a centralized status update component. A Mac computer with Check Point Full Disk Encryption will report the encryption status (but not any of the computer's data) to a centralized server. In the event that a computer with Legally Restricted data is stolen or lost, University IT can check the Check Point Full Disk Encryption status log to ensure the computer was encrypted. If this same computer had been encrypted with FileVault instead of Check Point, University IT would have no way to verify the computer was encrypted and the theft of Legally Restricted data would need to be reported. This could result in financial sanctions for the University or department responsible for the computer.
Encryption of Windows computers began in December 2007 and is now part of the standard configuration as required. Encryption of Mac computers began in May 2012. If you are in a high-risk department and your computer is not encrypted, please contact your IT support staff to schedule an installation time.
Your IT support person will assist you with performing a check of your hard drive the day before your installation. This procedure is necessary to ensure an efficient encryption process.
Initial installation of the full disk encryption software takes less than a half hour. After initial software installation, the computer will encrypt the hard drive in an average of 8-10 hours, depending on your computer’s hard drive size. You may use your computer while it is encrypting.
You will not be required to change any behavior. You may notice a Check Point Encryption status bar appear, but you will not need to change anything you currently do to access or use your computer.
Note that University policy requires that Legally Restricted Information be encrypted when stored outside of University data centers. This includes backup data that contains Legally Restricted Information. Check Point Full Disk Encryption will only encrypt internal disks and will not encrypt your Time Machine backup drive. In the event that you need to encrypt your Time Machine backup drive, University IT recommends that you use the built-in encryption ability of Time Machine. This can be done with the following procedure:
- Launch System Preferences, then click on the Time Machine icon.
- Go to Select Disk and select the disk you’re using for your Time Machine backup.
- Check the box next to “Encrypt backup disk” and click the Use Backup Disk button.
- Type in a password of your choice. Make sure it’s difficult for others to crack, but easy for you to remember. If you need to restore from your backup in the future and forget this password, you will be unable to restore from the backup.
No, flash drives attached to your computer and CD/DVD’s created on your computer will not be encrypted using this technology. Only your internal hard drive will be encrypted. Please take special care when using flash drives and CD/DVD’s to transport sensitive and confidential information, and refer to Dr. Berk's memo on security of portable devices and media.
No, email will not be encrypted using full disk encryption. Please take special care when emailing sensitive and confidential information, and refer to Dr. Berk's memo on security of portable devices and media.
If you have any questions or concerns, please contact your local IT support staff or the University IT Help Desk at 275-2000.