Desktop Encryption Home

Frequently Asked Questions

• What types of computers can be encrypted?
• Why encrypt the computers?
• Why should I use Check Point Full Disk Encryption instead of FileVault on my Mac?
• When will we begin encrypting computers?
• Do I need to do anything before encryption can begin?
• How long does it take to encrypt?
• Will I need to do anything differently after encryption?
• Will Check Point Full Disk Encryption encrypt my Time Machine backup drive?
• Will external data devices like jump drives or CD’s made from my computer be encrypted?
• Will my email be encrypted during this process?
• What if I have questions about full disk encryption?

What types of computers can be encrypted?

Check Point Full Disk Encryption can be installed on the following operating systems:

Windows 2000
Windows XP
Windows Vista
Windows 7
Mac OS X 10.6
Mac OS X 10.7
Mac OS X 10.8

Why encrypt the computers?

Once encrypted, if your desktop or laptop should be stolen or misplaced, the computer’s data will not be accessible. This protects the individuals who may have their sensitive information stored on your computer system, and protects the University by ensuring sensitive and confidential data are not released to unauthorized personnel.

While FileVault in Mac OS X 10.7 (Lion) and Mac OS X 10.8 (Mountain Lion) is a full disk encryption solution, it does not provide a centralized status update.  A Mac computer with Check Point Full Disk Encryption will report the encryption status (but not any of the computer's data) to a centralized server.  In the event that a computer with Legally Restricted data is stolen or lost, University IT can check the Check Point Full Disk Encryption status log to ensure the computer was encrypted.  If this same computer had been encrypted with FileVault instead of Check Point, University IT would have no way to verify the computer was encrypted and the theft of Legally Restricted data would need to be reported.  This could result in financial sanctions for the University or department responsible for the computer.

 When will we begin encrypting computers?

Encryption of Windows computers began in December 2007 and is now part of the standard configuration as required.   Encryption of Mac computers began in May 2012.  Your department’s coordinator will schedule installations on each computer.

Do I need to do anything before encryption can begin?

Your IT support person will assist you with defragmenting your hard drive the day before your installation. This procedure is necessary to ensure an efficient encryption process.

How long does it take to encrypt?

Initial installation of the full disk encryption software takes less than a half hour. After initial software installation, the computer will encrypt the hard drive in an average of 8-10 hours, depending on your computer’s hard drive size. You may use your computer while it is encrypting.

Will I need to do anything differently after encryption?

You will not be required to change any behavior. You may notice a Check Point Encryption status bar appear when you first start your computer, but you will not need to change anything you currently do to access or use your computer.

Will Check Point Full Disk Encryption encrypt my Time Machine backup drive?

Note that University policy requires that Legally Restricted Information be encrypted when stored outside of University data centers.  This includes backup data that contains Legally Restricted Information.  Check Point Full Disk Encryption will only encrypt internal disks and will not encrypt your Time Machine backup drive. In the event that you need to encrypt your Time Machine backup drive, University IT recommends that you use the built-in encryption ability of Time Machine. This can be done with the following procedure:

1. Launch System Preferences, then click on the Time Machine icon.
2. Go to Select Disk and select the disk you’re using for your Time Machine backup.
3. Check the box next to “Encrypt backup disk” and click the Use Backup Disk button.
4. Type in a password of your choice. Make sure it’s difficult for others to crack, but easy for you to remember. If you need to restore from your backup in the future and forget this password, you will be unable to restore from the backup.

Will external data devices like flash drives or CD’s made from my computer be encrypted?

No, flash drives attached to your computer and CD/DVD’s created on your computer will not be encrypted using this technology. Only your internal hard drive will be encrypted. Please take special care when using flash drives and CD/DVD’s to transport sensitive and confidential information, and refer to Dr. Berk's memo on security of portable devices and media.

Will my email be encrypted during this process?

No, email will not be encrypted using full disk encryption. Please take special care when emailing sensitive and confidential information, and refer to Dr. Berk's memo on security of portable devices and media.

What if I have questions about full disk encryption?

If you have any questions or concerns, please contact your local IT support representative or the IT Center at 275-2000.

Need Help?

Stay Secure

Get Connected

Need Technology?

Incoming Students

Students

Faculty/Staff

Office of the Vice President for IT and CIO

myIdentity

Other IT Resources

IT Notices/Outages

About University IT

University IT Home