External Media Encryption
As mandated by the Sutter Health Data Security Office, Samuel Merritt University (SMU) will require all USB storage devices which contain University owned data to be encrypted, effective January 2, 2013. Encrypting removable media like USB thumb drives, USB hard drives, and CDs and DVDs, is an important part of information security. Although this may be perceived as impedance to productivity, the process of protecting your data is fairly simple and manageable. Removable storage devices are very easily lost, and protecting the data helps assure that sensitive information will not fall into the wrong hands.
If you use a USB drive to transfer information from your SMU computer to another system, please watch these short videos which comprehensively explain how USB encryption works. Any references to Sutter Health in these videos are applicable to SMU.
For users whose system is currently protected by Credant, the primary change will be the ability to encrypt files when transferring them to a USB device. When a USB device is inserted into the USB port of your SMU computer, you will be prompted with an offering to encrypt the media.
For first time users:
If yes is selected (to encrypt), you will be prompted to create a password. From this point on, all data transferred to the device from an SMU computer will be encrypted, and you will need this password to retrieve the data in the future. If no is selected (not to encrypt), you will only have read access to the USB device from your SMU computer.
You will be prompted whenever you plug in a USB for that device's password.
The SMU Helpdesk is prepared to assist users with any issues related to external media encryption.
Information Technology Services will provide workshops to demonstrate the encryption process and to help guide users with best practices for managing files on USB devices.
Q: Does encryption change how I use my PC or applications?
A: No. You should not notice any difference in the performance of your Sutter Health computer, but your data will be protected as it is saved to removable devices and media
Q: Will I see encryption happening?
A: No. Encryption is transparent and automatic.
Q: Will encryption change how I use applications?
A: No. Applications won’t even notice the encryption process because it’s done automatically in memory.
Q: What is a removable media password?
A: This is a password you define for each removable device you encrypt. It is used to ensure the encrypted data can’t be accessed by anyone who does not know the password.
Q: Is the password for my encrypted media the same as my Windows password?
A: No. The password for your encrypted media is not the same as the password used to log into your Windows computer or your Windows Mobile device. A different password should be created for USB encryption.
Q: What passwords are valid for encrypted media?
A: Your password must be at least 5 characters long, and include the following:
- two or more letters
- at least one uppercase and one lowercase letter
- one or more numbers
(Compliant examples: '123Ab' or 'aB321')
Q: What happens if I mistype my password?
A: You will have up to 3 attempts to correctly enter the password for your encrypted removable media
Q: What should I do if I forget my password?
A: If you forget your password there’s no need to worry. Simply follow these steps:
- While on your office desktop computer or networked docking station, Insert the encrypted media in your PC
- When you get the password prompt (example shown below), simply click the "I forgot" button.
- You will be prompted to confirm that you have forgotten your password.
- Once you confirm that you’ve forgotten your password, call the SMU Helpdesk to have your password reset via a simple manual authentication process.
Q: I am bringing my USB drive to the classroom to present materials to my class. How do I access these files in the classroom?
A: If your content originated from an SMU computer, you will need to type the password to retrieve your files from the USB device. If your content originated from a home or other computer source, you can simply open the file without being prompted for a password.
Q: I am collaborating with individuals from outside SMU, such as research partners, guest lecturers, accreditation visitors, or auditors. I share data with these individuals by providing a USB flash drive. Will the recipient be able to access my files?
A: Yes. Once you set a unique password on your USB device, you are permitted to share the password with your collaborators. Bear in mind however that you should use a password that is different from your network password.
Q: Is there an alternative to using external media for sharing files with peers and students?
A: Yes. Files may be shared using a collaboration web site, such as Canvas or mySMU.
Q: How will students be affected by USB Encryption?
A: SMU computer labs and libraries are not subject to the external media encryption policy, since these facilities do not have access to any internal file servers. As such, students are not affected by this change.