The purpose of the Stanford Whole Disk Encryption (SWDE) service is to protect Restricted and Confidential Data that must be stored on faculty and staff computers.
The Stanford Whole Disk Encryption service is for both Windows and Macintosh desktop and laptop computers. This service secures data using standard NIST-approved encryption of the computer hard disk. Once installed, all files are automatically encrypted. The data is protected while the computer is in standby or hibernation mode as long as the hard disk is password protected.
While there is no single solution to protect the university's data, Stanford Whole Disk Encryption protects all data on a hard disk from unauthorized access in the event the computer is lost or stolen. Additional data protection may be needed to reduce risks in other scenarios, such as transferring data from one computer to another.
- Only those with password access to the system are authorized to access the data, which protects the data if your computer is lost or stolen.
- Every computer using SWDE automatically checks in with a logging and administrative server on a regular basis. In the event of loss or theft of a computer with Restricted Data, Stanford policy; requires notification of the Information Security Office (ISO). ISO in turn will use the log to determine if a lost or stolen computer is a "reportable" event, possibly requiring notification of persons whose data may have been lost or stolen.
- In the event you lose or forget your password, the IT Service Desk will assist you in accessing your computer.
- If necessary, the whole disk can be unencrypted (with the assistance of IT Services to guarantee the integrity of the audit trail).
Unlike the previous iteration of this service, no special sign up is required before making use of this service.
See Getting Started with Stanford Whole Disk Encryption for more information.