OIS: FAQs: Encryption

What is Encryption?
Encryption is the process of taking a file (the cleartext) and scrambling (encrypting) that cleartext file to generate a second, scrambled file (the ciphertext or encrypted file). The scrambling is performed by a computer program known as an encryption algorithm. You tell the encryption algorithm how to encrypt the cleartext by supplying a secret password also known as an encryption key. The ciphertext looks like gibberish and cannot be decrypted, i.e., turned back into the cleartext, unless you have the key.

Why would I want to encrypt a file?
Typically, because the file contains confidential information. Every University user has a central duty to protect confidential information. That includes not only your own computer passwords, but also the financial, academic, and medical records of others entrusted to the University. Typically, that confidential information of others is kept in secure, central databases, but there may be times when some of that information needs to exported to another file (a local copy) so that it can be shared with another party, or worked on at home by an employee.

Local copies are troublesome because they are apt to be forgotten and misplaced. As such, they can be discovered by others, resulting in the unauthorized disclosure of confidential information. If, however, the local copy is an encrypted file, it will be unreadable to anyone who does not have the key.

What are the typical situations where I would encrypt a document?
Any time you have a file that contains confidential information. Typical examples:
  • A Word document that contains all of your usernames and passwords for various accounts;
  • A spreadsheet containing the names and grades of students taking your class;
  • A spreadsheet containing the social security numbers of everyone in your department;
  • PDF medical records of all the people in your test group.
How do I encrypt a document?
By using an encryption program. There are several programs for free on the Internet. The Information Security Office has used several of these: MEO, AxCrypt and TrueCrypt.