Storage, Transmission and Encryption of Sensitive Information (IEncrypt)
The policy for Storage and Encryption of Sensitive Information (IEncrypt) requires that sensitive information on workstations, laptops and other portable devices and media be the minimum amount necessary to support operational needs, and that sensitive information that is present on such devices be encrypted or protected by compensating controls.
The policy is being revised, and will be renamed as Storage, Transmission and Encryption of Sensitive Information. Additional Recommended Procedures are also under development. These changes were recommended by the team for Protection of Sensitive Information during Transmission (ITransmit). In addition, the Encryption Futures Task Force has made recommendations to improve the campus sponsored solutions for both storage and transmission.
The policy is published at: https://kb.wisc.edu/itpolicy/cio-encryption-policy
and the standard is at: https://kb.wisc.edu/itpolicy/cio-encryption-standard
For draft revisions see IEncrypt Policy Drafts.
The history of the policy and ongoing implementation activities are documented below.
- IEncrypt Policy Drafts (2013)
(updated with Rev A in 2015)
(wiki login required)
- Encryption Futures Recommendations (2013)
- ITransmit Recommendations (2012)
- IEncrypt Policy
- IERJIT Documents