Control Restricted Information
Pepperdine University has routinely handled restricted information in volume in the past. A major goal of recent cleanup initiatives is to reduce the amount of restricted information handled to the minimum required. If you must work with certain amounts of restricted information, it must be controlled. The electronic controls for restricted information are typically encryption controls.
Multiple teams within Information Technology are available to consult with you. Please connect with us so that we can assess the type of restricted information that you or your department handles and how best to minimize, cleanup, or control this data. IT's Information Security, Office (ISO) Enterprise Information Systems (EIS), and Constituent Relationship Management (CRM) teams will work with you, as required, to apply controls and re-engineer the flow of restricted information. Please make all arrangements through the Information Security Office, x4040 or firstname.lastname@example.org.
Here is an overview of some encryption controls.
Secure Attachments - Pepperdine provides a secure attachments service for the internal and external transmission of restricted information and large files. This system is supported by Information Technology and is certified for use in controlling restricted information
Secure Document Imaging - Pepperdine provides the Etrieve document management system. This supported system allows departments to securely store, index, and review electronic forms, digital documents, and images of paper documents. It is certified as a central administrative database and is available for use in controlling restricted information.
PGP Whole Disk Encryption - is a software product that encrypts ALL the information on your personal computer hard drive. This protects the University from disclosure requirements when your computer is lost or stolen, provided you have followed our passphrase policy. This product is supported by Information Technology and is installed on your systems by Information Technology personnel to ensure that installation, backup, and passphrase requirements are met.
Password Managers - are securely encrypted storage for those with a need to remember lots and lots of passwords. Password managers can also generate strong passwords. They have other useful features such as categories, automatic locking of the password database, copy to clipboard on double-click, and clear clipboard automatically after a set time, among others. This technology is recommended by ISO, but supported by the end-user or vendor. Learn more about end-user support and the recommended software choices on the password manager page.
IronKey or Kanguru - are brands of tamper-proof, strong encryption USB flash drives. In contrast to others on the market, this system uses real encryption; is usable on all popular personal computing systems; has built-in backup for data and your passphrase; and has protection against brute-force password guessing. This system is recommended by Information Security, but not supported by Information Technology. This means that the system has been evaluated and validated for both usability, encryption, and overall aspects of security; this system will do the job of protecting restricted information when used according to Pepperdine policy and manufacturer standards. Not all encrypted USB flash drives are secure. End-users with a USB requirement are requested to read all product documentation. These devices are available from Amazon and CDW-G.