Use cases: what type of encryption to use and when.
If you are:
- encrypting a laptop to protect data against possible theft: use whole disk encryption
- sending a sensitive document by email: use an encrypted container or small disk image
- always check if the recipient can process the encrypted file type (.ZIP etc.)
- carrying some work data home on a USB key: use an encrypted folder
- using a ready-encrypted USB key: use the USB key according to its user instructions
- sending encrypted information that is too large to attach to email: use an encrypted container on a University supported cloud-based storage service. Send a link to the encrypted information in your email instead of the whole encrypted file.
- using Dropbox, Google drive or other unsupported third-party cloud storage services: do not use these for University information.
- using a mobile phone: ensure it is encrypted
Always use University-supported storage services when sharing information, even when you are sharing information with people from outside the University.
University supported cloud-based storage services
Third party cloud services like DropBox, Google drive, and others
University information should be stored on supported and managed University services such as OneDrive, Sharepoint, DataSync or DataStore.
If using a third party cloud-storage service is the only way to get the information to a recipient, you must insist on using encryption. You need to ensure the person you are sharing it with only has a short time (half a day or so) in which they can copy the file, and then you must delete it. Co-operate with the recipient, to ensure the window of opportunity for your information to be intercepted is as small as possible. Doing this, shows them that you attach importance to protecting the information, and that they also need to protect it.
If you have questions around the use of third party cloud apps and their security, contact the Information Security team.