Encryption enabled on all ARE mobile systems

ARE IT made a decision to enable Microsoft’s Bitlocker on all mobile ARE computers (laptops, 2-in-1s, tablets). Microsoft Bitlocker is a full disk encryption software that is designed to protect users’ and university data. ARE Mac OS systems should already be encrypted using FileVault2. OIT recommends encrypting all endpoints that handle Green/White data in its Endpoint Protection Standard and requires it for systems that handle Purple/Yellow/Red data. See data management framework guidelines for details on the distinction of data.

  • All ARE Mac OS systems should have FileVault 2 (Mac OS built-in encryption software) enabled – you can check by doing the following:
    • Under the Apple Menu in the upper left corner of the screen, select “System Preferences”.
    • In the System Preferences window, click on “Security & Privacy.”
    • Click on the “FileVault” tab.
    • FileVault is “turned on” and the “recovery key” has been set, if it is not, please contact ARE IT.
  • Most Windows mobile systems that were issued by ARE IT had already been encrypted. If your system has been encrypted, you will not see any change. You can check if Bitlocker is enabled by doing the following:
    • Go to Windows Start Menu in the bottom left
    • Search ‘BitLocker’
    • Bitlocker settings should pop up as the top hit. Once you are there it will say whether the machine is encrypted or not. If it’s not, please DO NOT manually encrypt your computer.
  • If your Windows system hasn’t been already encrypted you may see the following message, if you do, please follow directions and let the machine encrypt itself.

If you require an exemption from Microsoft Bitlocker or Filevault 2, please contact ARE IT, these will be reviewed on a case by case basis. As always, please let me know if you have any questions or concerns.