Encryption of Confidential Information

Texas A&M Employee Requirement - Encryption of Confidential Information

All Texas A&M University employees are required by state and federal law, as well as university policy, to protect sensitive and confidential information. Confidential information includes, but is not limited to, student education records (including schedules), financial account numbers, medical records, some research data and passwords. Below is a quick reminder on how to protect confidential information.

Who needs to use encryption?

  • Any employee who comes into contact with any type of confidential information should use proper encryption methods.

What must be encrypted?

  • Any portable computing device such as a smartphone, tablet, laptop or thumb drive that is used to access or store confidential information must be encrypted.
  • If you are transferring confidential information in any way, it must be encrypted.
  • If you are remotely accessing confidential information, you must use an encrypted connection, such as VPN.

How do you encrypt files, computers or mobile devices?

  • Ask your department IT staff about the best encryption method for your situation.
  • Whole Disk Encryption encrypts your entire device, and prevents a thief from even starting your computer without a passphrase. Both Windows and Apple devices come with encryption software built in. For additional information, visit the Knowledge Base.
  • Individual File Encryption is only encouraged when you are absolutely sure where all confidential information is located on your computer. Pretty Good Privacy (PGP) tools can protect files, folders and emails. More information and free tools are available at gnupg.org.
  • Texas A&M provides Filex (filex.tamu.edu) to securely upload and send confidential information. Confidential information should never be transferred over email.
  • [CEHD Addition] A&M Exchange also offers the option to send encrypted email by putting *encrypt* at the beginning of the subject line.  See Encrypting Email KB article for more information.

What else do I need to know about encryption?

Remember, mobile devices can be easily lost or stolen and are required to be encrypted if they might contain confidential information. Please speak with department IT staff, or contact Help Desk Central at 979.845.8300 or helpdesk@tamu.edu if you have any questions. Thank you for working to keep the sensitive and confidential information of Texas A&M students and employees secure.