The Official Web site for the Office of Information Technology - UTSA

This document should be rendered in an HTML format with cascading style sheets and JavaScript turned on.

Office of Information Technology Home Page

Skip to Main Content

Skip to Navigation

Please take a few minutes to read our Accessibility Page which will make your visit through this Web site easier.

Copyright (c) 2010. The University of Texas at San Antonio. All rights reserved.

OIT Home > About OIT > Information Resource Standards > Laptop Encryption Standard

Laptop Encryption

Encryption provides protection for data at rest by rendering the data inaccessible to those who might want to exploit its use and reduces the security risk associated with laptop loss. This policy covers all University-owned laptops.

  • All university laptops must be encrypted with software that provides for full disk encryption, except during international travel when export control regulations are in effect.* If decryption is required, the laptop must be re-encrypted upon return.

  • Exceptions to the encryption policy must be documented and approved by the Information Security Office. Exceptions to this provision include:

    • Computers that do not have the capacity or operating system to support encryption

    • Laptops dedicated to student use only,

    • Kiosk computers,

    • Portable computing devices attached to laboratory instruments,

    • Laptops running specific applications that are not compatible with encryption

  • No laptop may be removed from the UTSA campus unless it has been encrypted in compliance with the standard procedures or a documented and approved exception with the Information Security Office exists.

* The Office of the Vice President for Research will provide guidance and procedures preparing the laptop for foreign travel.
References for This standard:

Texas Administrative Code, 202.75,(7),(H), Encryption.

Last Revision:

Sept. 8, 2010

Account Management

Disposal of Computers
Other Electronic Devices

Laptop Encryption

Policy Exception and Risk Assumption Procedures

Administrative/Special Access

E-Mail Management

Log-in Disclaimer

Security Monitoring

Application Registration

Incident Management

Network Access

Security Training

Enterprise Backup &
Data Recovery

Information Resource Use and Security (pending)

Network Configuration

Server Hardening

Change Management

Information Security Risk Assessment

Password

Software Licensing

Computer Naming Convention

Information Security Administrator (ISA)

Patch Management Standard

Threat Detection and Prevention

Configuration and Asset Management

Information Security Training Standard

Personal Computing

Unauthorized File Sharing

Copiers and Printers

Information Services Privacy

Physical Access

Vendor Access

Data Center

Internet Use

Portable Computing

Web Application Vulnerability Scanning

Data Classification

Intrusion Detection

Protection Against Malicious Software

Wireless Network

 

 

 

Workstation Operating Systems Support

Tools