- Accounts & Access
- Business Applications
- Computers & Software
- Email & Calendar
- Help & Support
- IT Security
- Network & Telecom
- Web Services
Info & Resources:
Enterprise Whole Disk Encryption - Encryption at Rest
Also known as: Encryption - Whole Disk Encryption at Rest
Available to: Faculty & Staff
The IT Security Office (ITSO) offers whole disk encryption for Microsoft Windows and Apple workstations and laptops to protect against unwanted access to data when the computer is powered off. Whole disk encryption protects all of the data on hard drive. The enterprise solution supported by the ITSO allows for recovery if passwords are lost or operating systems experience failure through centralized, encryption key management. In addition, if a computer is lost, this service can create an audit trail to provide evidence of encryption and protection up to the point of loss.
This encryption solution provides access control restrictions in addition to those delivered by MESA. Auditing and logging, which provides assurance of system encryption, is performed by the application and can indicate and alert when unauthorized access is attempted.
The whole disk encryption solution provides limited protection for systems while they are powered on and is only one component of protecting highly sensitive data. The ITSO can assist with assessing and formulating additional, appropriate controls and recommendations.
This service is restricted to Microsoft Windows and Apple workstations and laptops.
Requirements for classifying, controlling, and protecting regulated data are described in University Policy Number 1114: Data Stewardship.
All users of the George Mason University network must adhere to University Policy Number 1301: Responsible Use of Computing.
How to Get this Service
To request encryption services outside the need to store highly sensitive data, contact the ITS Support Center and request "whole disk encryption services provided by the IT Security Office." Your request will be evaluated by the ITSO.
There is no charge for this service.
Once installed, the whole disk encryption client is self-supporting and does not require back end systems to remain functional.
Training is provided upon project engagement and during installation.
Last modified date: October 22, 2015