When and why to use encryption

It is essential that the University employs appropriate safeguards when sending information externally; encryption and strong password management are at the heart of this. 

Encryption is the process of scrambling information to make it meaningless to anyone without the key required to reverse the scrambling - rendering it useless to unauthorised users. This protects information from risks associated with interception of electronic traffic, and also reduces the risks of accidentally sending information to the wrong recipient.

How you can help: 

  • Check whether you need to share the information and how much you need to share
  • Can you anonymise it so that personal data is not identifiable?
  • Do you have a clear business need to share the information?
  • Decide on the best method to use and if unsure contact the Information Security team
  • All University laptops and MacBooks are encrypted; but remember that if your laptop is left unattended and logged in, the information is available to anyone with access to your laptop.

How to encrypt information and devices

How to encrypt information for the following:

Passwords

The use of encryption can be undermined by use of weak passwords.

How to create a strong and secure password:

  • Use long passwords.
    • For students, the minimum is 8 characters, but we recommend 16 characters
    • For staff, the minimu is 16 characters
  • Use a string of random words
    • Eg ‘main’, ‘later’ ‘only’, ‘mainlateronly’ for more complexity add numbers and capital letters and even symbols  ‘5mainlAter8only!’  
  • Avoid using words associated with you or your family, such as pet names, favourite foods, the names of family and friends as many of these can be guessed from social media sites or general information that people may already know about you
  • Avoid using the same password for multiple accounts
  • Avoid using passwords that only change by one number every time you update it.
    • Eg  ‘roaming1’ and then ‘roaming2’
  • Avoid ‘passw0rd1’ or other obvious passwords
  • Don’t write your password down - if you struggle to remember your passwords consider using a password management tool

For more information about managing your password, see: Managing your password.