Protecting the University’s administrative information (data) – wherever it resides – is the responsibility of Information Security. Protected information includes, but is not limited to, student data, personnel data, and financial data, as well as the computing infrastructure and program code that support the administrative business of Boston University. We have established a distributed environment of more than 300 Departmental Security Administrators (DSAs), who represent all units that access administrative information. The DSAs manage the security requests for accounts and access for their respective department, school, college, or program. Encryption of sensitive information on disk or in transit is always advisable, and in many cases it is mandated by federal, state, or agency regulations. Many means are available to encrypt data; we can help you find the best solutions for your particular needs.

Data protection is vital, not just for Boston University as an organization, but also for the privacy of its students, faculty, and staff. Preventing the loss or compromise of sensitive information saves the University from efforts and expenses related to remediation. Encryption protects sensitive data and ensures its confidentiality and integrity. Our guidance and recommended solutions can help ensure that you are in compliance with all laws and regulations pertaining to the protection of data you store and transmit.

  • Health Insurance Portability and Accountability Act (HIPAA) compliance protects medical information.
  • Payment Card Industry Data Security Standard (PCI-DSS) protects stored cardholder data and secures transmission of that data across the Internet.
  • Departmental firewalls block unauthorized access to data servers while allowing authorized access to pass through.
  • Encryption is often mandated for electronic storage and transmission of sensitive data. Recommended solutions may include:
    • DataMotion SecureMail
    • SecureDoc
      • Full disk encryption for laptops
      • File and folder encryption for USB drives and network folders
    • SSL (Secure Sockets Layer) and TLS (Transport Layer Security)
    • SFTP and FTPS
    • Other targeted solutions

Contact us for more information.

**If you have been directed to this website in search of Information Security’s Blasts page, please follow this link to find Blasts from the Past

  • This service provides the capability to encrypt the entire hard drive of your Windows or Mac computer as well as removable drives.... more »

  • Destroying old media can prevent identity theft and loss of valuable University information.... more »

  • If your application transmits sensitive data over the Web, you may need an SSL certificate to comply with federal, state, or other regulations.... more »