Control Restricted Information
Pepperdine University has routinely handled restricted information in volume in the past. A major goal of the cleanup is to reduce the amount of restricted information handled to the minimum required. If you must work with certain amounts of restricted information, it must be controlled. The electronic controls for restricted information are typically encryption controls.
Information Security, Application Systems and Development, and the C2C departments will work with you, as required, to apply controls and re-engineer the flow of RESTRICTED information. Please make all arrangements through the Information Security office, x6655 or firstname.lastname@example.org
Here is an overview of some encryption controls. Some are currently available. Others are projected to be available before April.
Secure E-mail Attachments - Pepperdine provides a secure e-mail attachments server for the internal and external transmission of RESTRICTED information and large files. This system is SUPPORTED by Information Technology and is certified for use in controlling restricted information now.
Secure Document Imaging - Pepperdine provides the Nolij document management system. This SUPPORTED system allows departments to securely store, index, and review images of paper documents. It is certified as a central administrative database and is available for use in controlling restricted information now.
PGP Whole Disk Encryption - is a software product that encrypts ALL the information on your personal computer hard drive. This protects the University from disclosure requirements when your computer is lost or stolen, provided you have followed our passphrase policy. This product will be SUPPORTED by Information Technology; your department will submit purchase paperwork in April; and the product will be installed on your systems by Information Technology personnel to insure that installation, backup, and passphrase requirements are met.
Password Managers - are securely encrypted storage for those with a need to remember lots and lots of passwords. Password managers can also generate strong passwords. They have other useful features such as categories, automatic locking of the password database, copy to clipboard on double-click and clear clipboard automatically after a set time, among others. This technology is recommended by ISO, but supported by the end user/vendor. Learn more about end user support and and the recommended software choices on the password manager page.
IronKey or Kanguru - are brands of tamper proof, strong encryption USB flash drives. In contrast to others on the market, this system uses real encryption; is usable on all popular personal computing systems; has built-in backup for data and your passphrase; and has protection against brute-force password guessing. This system is RECOMMENDED by Information Security, but not supported by Information Technology. This means that the system has been evaluated and validated for both usability, encryption, and overall aspects of security; this system will do the job of protecting restricted information when used according to Pepperdine policy and manufacturer standards. Not all encrypted USB flash drives are secure. End users with a USB requirement are requested to read all product documentation. These devices are available from Amazon and CDW-G.