The policy for Storage and Encryption of Sensitive Information (IEncrypt) requires that sensitive information on workstations, laptops and other portable devices and media be the minimum amount necessary to support operational needs, and that sensitive information that is present on such devices be encrypted or protected by compensating controls.
The policy is being revised, and will be renamed as Storage, Transmission and Encryption of Sensitive Information. Additional Recommended Procedures are also under development. These changes were recommended by the team for Protection of Sensitive Information during Transmission (ITransmit). In addition, the Encryption Futures Task Force has made recommendations to improve the campus sponsored solutions for both storage and transmission.