Welcome to the IS-3 Annual Theme webpage for FY24! On this page you will find practical tools, resources and videos for encrypting the workstations in your unit.
Option #1: Berkeley Managed Desktop Service
(Recommended)
Enroll your workstations in the Berkeley Managed Desktop service, which offers a number of benefits such as:
- Encryption by default for newly enrolled desktop and laptop computers
- Standard operating system and software
- Automated maintenance, which provides less downtime and faster support from ITCS
- Have more security to defend against cyber attacks
- Email itcshelp@berkeley.edu for help enrolling in the Berkeley Managed Desktop service
For workstations that are already managed by Berkeley IT:
If your computer is already managed by Berkeley IT, you can encrypt it yourself using the Self-Service Encryption guide for Windows or the Self-Service Encryption guide for Mac
Option #2: Self-Encrypt Your Computer
For self-managed computers, you can enable full disk encryption by following these instructions based on your operating system:
- Also see the videos on this page for how to encrypt personally-managed Mac and Windows computers
NOTE: Under Option #2, you will be responsible for securely storing your encryption recovery key in a password management tool such as LastPass in case you need to recover your data. However, when using the Berkeley Desktop service (Option #1), encryption recovery keys are stored and managed for your system automatically.
Why Encrypt?
“Over 2 million laptops are reported stolen each year in the United States, and thousands are misplaced or lost. UC Berkeley is no exception.” (Insurance, E, 2023).
One of the best and easiest ways to protect the personal and UC-owned data on your computer is to encrypt your computer. Encryption makes the data on your computer unreadable in the event it is lost, stolen, or confiscated.
The campus priority is to, at a minimum, encrypt all high-risk P3/P4 devices; however, it’s recommended that all employees encrypt all devices. UC Berkeley offers several solutions to help you encrypt workstations and laptops. Berkeley IT enables encryption by default for new managed computers. As of October 2023, over 5,000 managed computers have been encrypted via Bigfix. However, many existing managed and non-managed computers still need to be encrypted.
Full Citation:
Insurance, E. (2023). Laptop Security and Data Protection. Count on EMC Insurance. Retrieved November 7, 2023, from https://www.emcins.com/losscontrol/techsheet/laptop-security-and-data-protection#