Skip to main content
Penn Information Systems & Computing Systems Home

Search form

Getting system status
  • Get Started
    • IT Staff
    • Faculty
    • Staff
    • Students
    • Alumni & Guests
    • ISC Staff
  • Services
    • — Services A to Z —
    • Accounts, Access & Security
      • Access Management Services
      • Active Directory
      • Identity Management Services
      • Information Security Services
    • Applications & Data Analytics
      • Application Development & Delivery
      • Data Analytics
        • Data Analytics at Penn
      • Integration Development & Delivery
    • Backup, Storage & Platforms
      • BackItUp
      • Cloud Solutions
      • Data Center & Colocation Solutions
      • Database & Application Platform Support & Consulting
      • Endpoint Management
      • Recovery Solutions
      • Storage
      • Virtual Desktop
      • Virtual Server Hosting
    • Community, Support & Learning
      • Classroom Technology Services
      • Desktop Engineering
      • IT Community Events
      • LinkedIn Learning
      • Tech Center
    • Consulting & Professional Services
      • Brokered Products
      • HireIT
      • Systems Support & Consulting
      • Technology Forecasting
    • Email, Calendaring & Collaboration
      • Classlists
      • Penn Email Routing
      • PennBox
      • PennNet Mailing Lists
      • PennO365
      • PennZoom
      • SMTP-Relay
      • Secure Share
    • Networks & Connectivity
      • Firewall Services
      • Network Design & Installation
      • PennNet
        • Network Names & Numbers
        • MAGPI (Penn's Internet2 Regional Optical Network)
      • PennNet Ethernet Ports
      • Wireless at Penn
    • Phone, TV & Video
      • Contact Center
      • Live Video Streaming
      • Penn Video Network
      • PennFlex Phone
      • Traditional Telephony
      • Video Content Management
      • Video Production
        • Producing Video Content
    • Web Hosting
      • Web Hosting Service
    • — Service Rates —
    • — Service Level Agreements —
  • Security
    • Office of Information Security
    • Security Services
    • Special Projects
    • Policies & Procedures
    • Training & Awareness
    • Penn SecureIT program
  • Collaborations
    • Computing Policies
    • Engaging Penn’s IT Community
    • Identity & Access Management
    • Penn IT Strategic Plan
    • Cloud First
    • Next Generation Unified Communications
    • Penn Bot
    • IT Advisory Groups
      • Common Solutions
      • IT Roundtable
      • Network Policy Committee
      • Penn Technology Investment Committee (PTIC)
        • About PTIC
        • The PTIC IT Development Fund
    • Special Interest Groups (SIGs)
      • Audio-Visual (AV-SIG)
      • Cloud Computing (Cloud-SIG)
      • Data Visualization (DataViz-SIG)
      • Developer SIG (Dev-SIG)
      • High-Performance Computing (HPC-SIG)
      • Instructional Technology SIG
      • Linux SIG
      • Macintosh Networking Group (MacNet)
      • Mobile Technologies (Mobile-SIG)
      • O365 Special Interest Group
      • PC Networking Group (PC-Net)
      • Project Partners SIG
      • Security SIG
      • Social Media SIG
      • Splunk Special Interest Group
      • Super User Group (SUG)
      • Web SIG
    • Technology Services Strategy Review Board
  • News
  • About
  • Hot Topics
  • Get IT Help

You are here

Home » Encryption

Encryption

If a portable device contains sensitive data (SSNs, bank account numbers, patient health information), it should be encrypted to avoid fines and criminal misuse in case the device becomes lost or stolen. As well, e-mail offers little to no privacy, making it a vulnerable platform for confidential communication. To share sensitive data, either use Secure Share or send an encrypted attachment.

Encrypting Laptops and Thumb Drives

Following is encryption instruction for Windows and Mac. Before encrypting, ensure you have a good backup.

  • Windows: BitLocker
    • Drive Encryption Overview: https://technet.microsoft.com/en-us/library/Cc732774.aspx?f=255&MSPPError=-2147217396​
    • Encrypting Thumb Drives: https://technet.microsoft.com/en-us/magazine/ff404223.aspx
  • Mac OS X: FileVault
    • Enabling FileVault on El Capitan (10.11) or Yosemite (10.10)
    • With a recovery key (key escrow): https://support.apple.com/en-us/HT202385
    • Best Practices for Deploying FileVault2: http://training.apple.com/pdf/WP_FileVault2.pdf

Sharing Files with Sensitive Data

  • Secure Share is a service that can transfer files securely between individuals affiliated with Penn when other mechanisms (e.g., secure, shared file servers) aren't available.
  • Another option (especially for sharing information with individuals outside of Penn) is to put the sensitive data in a document, encrypt it, and send it in an email:
  1. Put sensitive data into a document using Microsoft Word/Excel 2007 (or later) or use WinZip.
  2. Select Save As > Tools > General Options > Password to open
  3. Set unguessable password:
    • Correct: CebCavuts9 or NutellaToastMelonBun
    • Incorrect: W3Lc0me123 (Attackers use tools that trivially make substitutions like 3 for etc.)
  4. Call the recipient and tell them the password.

NOTE: Setting a password to modify is optional. However, using only this password is not strong enough to protect the document. You must set a password to open to encrypt the document securely.

 

Visit ISC on LinkedIn

Print
InfoSec Home
Resources
  • InfoSec Training & Awareness
  • IT Security Policy
Contact InfoSec
  • Computing Policies
  • Tech Jobs @ Penn

© 2025 THE UNIVERSITY OF PENNSYLVANIA — 3401 Walnut Street, Philadelphia, PA 19104 — Report accessibility issues and get help — For ISC Staff