Skip to Content

Protecting Sensitive Data: Encrypting Your Data


Data Encryption Solutions


Encryption offers protection by scrambling data, so only the owner of the key or password can read the data.

Two types of encryption are available to members of the UVa community: the VPN and hard drive/file encryption.

The Virtual Private Network (VPN): A VPN scrambles data as it is transmitted between your mobile device and a server. This allows you to access sensitive data securely stored on a remote server. It's always more secure to leave sensitive data on a server, where it is managed by a system administrator, and use a VPN to access it.

Hard Drive and/or File Encryption: When you have no option other than to store sensitive data on your hard drive, and such storage has been approved, you must encrypt your hard drive or the relevant files on your hard drive. If you lose your computer or electronic media, the encryption will protect the data, and render it invisible to anyone but you, since you alone know the password. Please see the Guidance on the Electronic Storage of Highly Sensitive Data for additional information.

VPN Encryption

Both ITS and Health Systems Computing Services (HSCS) offer a VPN solution for members of the UVa community.

Before installing: You will have to download and install a personal digital certificate, and possibly, download and install a VPN client.

If you need help: Contact your Local Support Partner (LSP), the UVa Help Desk, or the HSCS Help Desk at 434-924-5334.

Hard Drive and/or File Encryption


Before you encrypt data: You are strongly advised to check with your LSP and/or system administrator before you begin the encryption process.

Members of the UVa community should use a reputable commercial product that encrypts with a 256-bit or larger key; or for Health Systems Technology Services (HSTS) users, encryption methods the HSCS Security Office recommends.

UVa has previously suggested using TrueCrypt to encrypt sensitive data -- because it was free, cross-platform, and trusted -- but it is no longer supported by its developers.

Built-in encryption options are available in some versions of the Windows and Mac operating systems.

In Microsoft Windows (Professional, Enterprise, and Ultimate versions only), the Bitlocker utility can encrypt both full drives and folders.

On the Mac, Disk Utility can create encrypted folders, while FileVault can be used to encrypt full disks.

For Linux, we are still exploring available options.

We will provide updates on encryption solutions as they become available.

If you have any questions, please contact it-security@virginia.edu

Important: Make sure you remember the password you create! If you forget it, you will not be able to access the files.

Page Updated: 2014-05-29