Skip to navigation Skip to content
Visit ulster.ac.uk

Encrypted Laptops - Secure Laptop Service

Using a secure, encrypted laptop helps protect you and the University from the consequences should your laptop be stolen or lost.

Service Description

University Laptops often carry documents which are sensitive, for commercial, Data Protection Act or other reasons. Using a secure, encrypted laptop helps protect you and the University from the consequences should your laptop be stolen or lost: Think 'Protect'. It is University policy that University laptops are encrypted.

Secure Laptops

A secure laptop is a "business class" encrypted device with a pre-installed standard University desktop that complies with current security recommendations to protect sensitive corporate data.

Secure Laptop Service

This service will allow users to acquire the University standard desktop for a "standards compliant" security-enabled laptop with encryption. See below for the minimum standard specification for laptops (including tablets and notebooks).

Reasons to Use a Secure Laptop

If you have access to sensitive information or the personal details of individuals and are retaining this information on your personal laptop (or will be purchasing a laptop with this intention), then you must ensure that the laptop conforms to the standard determined by the University's Information Systems Governance and Strategy Committee (see Background Information below).

Portable computers that fall outside the specification must never be used to store sensitive information.

Further information on Procurement

Full details are available on the Procurement web page:

Business Process

Minimum Standard Specification for new laptop purchases
Processor Intel Core i5-3210M (2.5/3.10 Turbo GHz)
Memory 4GB 1333MHz DDR3 RAM
Hard disk 320GB 7200rpm
Security TPM chip - Encrypted pre-delivery
Screen size 15.6" HD Non-Reflect Screen
Operating system Windows 7

Tips for securing existing laptops

  • If you do not store sensitive information and never plan to do so, then continue to use your laptop but ensure its physical protection by:
    • checking your password is secure
    • using a Kensington lock to physically secure the device to the desk
    • ensure you use an unmarked bag to store and transport the device
  • If you store sensitive information then ask yourself the question "Do I need to store this information on the laptop?" Alternative, and secure, methods of storing and accessing your information would be:
    • consider relocating the information to a secure central storage and only use the laptop/device to access it via our Secure Remote Access Service (known as SRAS)
    • consider the use of a secure encrypted USB memory pen for safe storage of sensitive information. This is available via our IronKey service.
  • If you store sensitive information and your laptop meets the current Standard Specification, then you can apply to ISD to have your laptop upgraded to incorporate encryption. Please complete the Application Form, omitting the purchase section, and send this to our Service Desk.
  • When your device is due for replacement then:
    • contact your local IT support team or the ISD Service Desk for guidance on the safe removal of all information from your hard disk drive
    • ensure your replacement device is compliant with the prevailing University standards, including security requirements.

Consequences of choosing not to secure a laptop

If you have access to business-critical University information or the personal details of individuals, then you must abide by University policies to ensure the security of that information.

If, through non-compliance with these policies, this information be lost or made accessible to unauthorised persons then any breaches of policy, or deliberate non-compliance with standards and procedures, will be investigated, reported and could lead to disciplinary action.*

* extract from the University's Electronic Information Assurance Policy

Background Information

University Information Assurance Policies

The University has developed a set of Information Assurance policies that all members of the University must abide by.

As part of the implementation of the University's Electronic Information Assurance Policy, the Information Systems Governance and Strategy Committee, at its meeting held on 11 May 2010 (see below), has directed that all portable devices purchased by the University must be capable of encryption.

For further information please refer to the document "Electronic Information Assurance Policy - Electronic Document Handling - Secure Storage and Archival Code of Practice" available at:

Extract from Information Systems Governance and Strategy Committee Meeting of 11 May 2010

10.67 Options for Controlling the Use of Portable Electronic Storage Media
(minutes 10.53, 10.42)

The Committee received the Information Services Secure Portable Storage Devices and Encryption Project Brief for discussion (Paper No: ISG&SC/10/42). Mr Trimble reported that a revised briefing paper on the implications, whole-life costs and timescales for introducing controls for the use of portable electronic storage media would be presented to the June meeting. Following discussion, it was AGREED that:

  1. a centralised approach should be adopted for encrypting portable devices;
  2. an implementation date of September 2010 be adhered to for new devices, and the encryption of legacy devices be completed by December 2010, at the latest;
  3. in the absence of a database of what information was classified as 'sensitive', assumptions should be made and the encryption of devices should be prioritised accordingly;
  4. a pilot scheme for encrypting portable devices be introduced as soon as possible across a number of areas, to include the Research Office and Human Resources; and
  5. a Communications Strategy be developed to support the initiative; stating clearly why the encryption of portable devices was necessary.

How to obtain help

Contact the ISD Service Desk.

Cost

It is your responsibility to ensure that the laptop meets the minimum specification.

Eligibility

All staff in the University.

Service Owner

ICT Customer Services