Encryption at Notre Dame

Encryption protects data from unauthorized disclosure by encoding it with a password. You should always encrypt sensitive data when there is the risk that it will be lost or stolen. The University Data Handling Standards require the use of encryption for the storage or transmission of all highly sensitive information. The OIT strongly recommends the use of encryption for other sensitive information.

Notre Dame provides three options for faculty and staff seeking to encrypt data: encrypting with Microsoft Office, encrypting with special software that encrypts individual files, and software that encrypts your entire computer. The first two options are acceptable for transmitting highly sensitive information via email.

Encrypt Office Documents

Modern versions of Microsoft Office (2007 and newer) include easy-to-use encryption which, by default, uses AES 128-bit encryption and is compliant with University information handling standards.

For assistance, please see our instructions on Encrypting Documents with Office 2007.

Encrypting Individual Files and Directories

WinZip software also allows the encryption of individual files. Please note that WinZip does not automatically encrypt files. You must follow the WinZip file encryption process to encrypt a file. The OIT recommends individual file encryption for the transmission of files by electronic mail or similar means. It is also possible to decrypt encrypted ZIP files on a Macintosh.

Passwords for Zip encryption should be provided separately, preferably by telephone.

Encrypting Your Entire Computer

Notre Dame offers software to encrypt entire disks for both Windows and Macintosh systems. OIT strongly recommends the use of this software on mobile computers that contain sensitive University information.

Encrypting your computer only protects the files stored on your hard drive and only during the time they are stored on that drive. If you copy files to a CD, USB drive or send them via e-mail, you must use the individual file encryption option described below to protect them.

Supported operating systems for encryption are:

Approved Encryption Algorithms

The following encryption algorithms are currently approved for use with Sensitive and Highly Sensitive University information:

  • Advanced Encryption Standard (AES)
  • Triple Data Encryption Standard (3DES) with three keys
  • RSA (with at least a 1024-bit key)
  • Twofish

If you would like us to consider another algorithm for approval, please contact the OIT Help Desk at (574) 631-8111.