Whole Disk Encryption

Encrypting your computer through Whole Disk Encryption is one of the most effective ways to protect information stored on your hard drive. If your computer stores or processes high risk data, encrypting your hard drive is a necessary step to ensure the security of any data in case of loss or theft of your device. High risk data should only be stored on approved OIT locations under UI policies and standards; however, to protect any incidental data that may accidentally reside on your local system, Whole Disk Encryption is an essential best practice.

OIT manages the built-in encryption technologies for both Windows and Mac desktop and laptop computers with JAMF and Microsoft Intune. Encryption happens seamlessly for all data stored on your hard drive(s). This information is safe while the computer is shut down and may requires a password/PIN before the information can be accessed again after reboot. If your device is ever lost or stolen, OIT can verify that the device was encrypted and that your information cannot be accessed by any third party.

Request Service

Related Articles (8)

The following locations have been approved by OIT for storage of university data, consistent with U of I policies and standards.
Instructions for user setup of Filevault encryption on macOS.
Remote reboot instructions for BitLocker users.
Reset a forgotten BitLocker password when the device is managed only by Intune.
Instructions for user setup of BitLocker PIN on Windows.
In the case that a user forgets the Power-On-Authentication passphrase that they set when encryption was enabled, this tutorial will demonstrate how a recovery key can be generated so that they can boot their OS X Apple computer and reset their passphrase.
This article contains information about Whole Disk Encryption at U of I.
Answers to frequently asked questions about Whole Disk Encryption.


Service ID: 660
Mon 12/11/17 4:52 PM
Fri 5/19/23 4:41 AM