Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

ESP PROGRAM DEFINITION

advertisement 
Department of Information Technology
Office of Information Security
Title
Data Encryption Guidelines
Purpose
Encryption when combined with appropriate access controls is an important technology for protecting the
confidentiality and integrity of College data. The following guidelines help illustrate when encryption is necessary to
protect College data.
Scope
These guidelines apply to all devices storing or transmitting College data.
Requirements:
1.
Transmission :
a. Confidential data must be transmitted using encryption.
b. Passwords for College accounts should always be transmitted using encryption.
c. It is recommended but not required that encryption be used when transmitting any data not intended
for public use.
2.
Storage:
a. Confidential data must be encrypted if stored on a portable device.
Implementation Guidance
Transmisson
1.
File transfers
Encrypted file transfers can be done by using an encrypted transmission protocol or service such as sftp or scp.
If an unencrypted mechanism is used to transfer a confidential file, the file must encrypted before being
transferred. Information Technology provides sftp and scp access to the personal file space for all faculty,
staff, and students. Sftp access is available for shared storage space.
2.
Web Applications
Confidential data communicated between a web application and the client machine should be encrypted using
TLS/SSL or other secure protocols.
3.
Remote Sessions
Remote sessions to machines storing confidential data must be encrypted through the use of secure protocols
or applications (TLS/SSL, SSH). Remote sessions that are authenticated using College credentials must be
encrypted.
4.
Email
Email is not considered a secure method for sharing sensitive files. The College has clear rules prohibiting
this. End users are instructed to contact Information Technology if assistance is needed with transferring
secure files.
Page 1 of 2
Department of Information Technology
Office of Information Security
5.
Virtual Private Network
The College provides an VPN that can provide encrypted access to services that don’t offer encryption
services natively. VPN access is available upon request.
Storage
1.
Whole Disk Encryption
Encryption of confidential data stored on portable devices(laptops, PDAs, phones) should be done using
whole disk encryption when technically feasible. In the absence of whole disk encryption, file based
encryption should be used..
2.
File encryption
File level encryption of confidential data is appropriate when files must be sent using an unencrypted transport
method or when storing confidential data on portable media(USB drives, CDs, tapes).
Definitions
Review and Revision History
Author
Pete Kellogg, ISO
Pete Kellogg, ISO
Notes
Initial version.
No changes.
Date
6-1-2008
5-27-2010
Page 2 of 2
Related documents
Electronic Data Encryption Policy 2015
Electronic Data Encryption Policy 2015
Description
Description
Issue 73 Encryption Algorithm
Issue 73 Encryption Algorithm
Hwk #11
Hwk #11
Security Questions and Answers
Security Questions and Answers
2_23
2_23
Generic encryption
Generic encryption
PRAIRIE VIEW A&M UNIVERSITY UNIVERSITY ADMINISTRATIVE PROCEDURE
PRAIRIE VIEW A&M UNIVERSITY UNIVERSITY ADMINISTRATIVE PROCEDURE
Institution: - University of Texas System
Institution: - University of Texas System
IP-guard V+ Encrypts and secures your corporate data Introduction
IP-guard V+ Encrypts and secures your corporate data Introduction
Download
advertisement