Perelman School of Medicine at the University of Pennsylvania

Security

Encryption Software

What Type of Encryption Software Does PMACS Offer?

PGP® Whole Disk Encryption (WDE) is available to School of Medicine faculty and staff who need to store sensitive or confidential data on their computers. WDE is used to protect that data in the event that a computer is lost or stolen.
Please note that WDE does not protect data once a user logs in to the computer.  The machine must be turned off and/or restarted to ensure that the machine is in an encrypted state.

PGP® NetShare Encryption is available to School of Medicine faculty and staff, running Windows, who need to store sensitive or confidential data on a networked file share.

How Do I Know If My Machine Requires Encryption?

As stated in Penn's Computer Security Policy, all portable computing devices, storage devices, and media with sensitive or confidential data must be protected at rest using strong encryption with a key recovery component.

How Do I Get PGP for My Computer?

Contact PMACS or request support.

What Are the User Responsibilities Associated with Using Whole Disk Encryption?

Backups

While data backup is always important, encryptions makes it even more crucial because any data lost due to hard drive failure or human error will not be recoverable via standard data recovery methods.
PGP users are required to have an offsite, encrypted backup solution installed and running on their machine to ensure a valid, secure backup exists at all times.

Strong System Password

Again, a strong system password is always important (see password recommendations) but it is important to note that once the PGP password is entered the computer is no longer encrypted.  If the computer is locked or goes to sleep, only the system password is required to obtain access. Therefore a strong system password is crucial for ensuring the protection of your data.

Travel Restrictions & Export Controls

Certain countries are known for inspecting laptops and data upon entry. For example, Russia and the People’s Republic of China may currently restrict the importation of PGP’s encryption software.
Users intending to travel to Cuba, Libya, North Korea, Syria, Sudan, Iran or Iraq must contact the Office of Research Services for assistance in determining whether an export license is required.
Any release of the PGP encryption technology or source code to a foreign national from Cuba, Libya, North Korea, Syria, Sudan, Iran or Iraq, or an individual on the denied parties list even while in the United states, may be prohibited under the “deemed export” rules. Contact the Office of Research Services for more information.


For more information, contact Bob DeSilets at medsecurity@mail.med.upenn.edu or 215-746-5578.

Penn Medicine Academic Computing Services (PMACS) at the Perelman School of Medicine

Links of Interest

Job Opportunities