What is encryption “at rest?”

The only approved and supported method for university computers "at rest" is whole disk encryption used for personal desktop and laptop computers. Servers which have not been approved by the IT Security Office as having sufficient mitigating controls in place should also use encryption.

Whole disk encryption:

Protects the entire contents of the hard drive
Protects the data from theft when the system is turned off (loss or theft of the computer won’t expose data on an encrypted hard drive)
May not protect the data when the system is turned on

The university has an enterprise encryption solution for Windows-based systems. Approval to store sensitive data will trigger a request to have the Windows system encrypted.

Last modified: September 7, 2018

What are some examples of encryption “in transport?”

Who are “Data Owners” and what are their responsibilities?

ITS Technical Support Now Available 24/7

Students, faculty, and staff can receive technical support any time—day or night, on weekends, and even holidays. If you need IT help, call 703-993-8870 anytime or create a request ticket.

Knowledge Base

What is encryption “at rest?”

Previous

What are some examples of encryption “in transport?”

Next

Who are “Data Owners” and what are their responsibilities?

Get Started at Mason

Quick Links

Explore IT Services

Follow Us

ITS Support 24/7