Encrypted Laptops - Secure Laptop Service
University Laptops often carry documents which are sensitive, for commercial, Data Protection Act or other reasons. Using a secure, encrypted laptop helps protect you and the University from the consequences should your laptop be stolen or lost: Think 'Protect'. It is University policy that University laptops are encrypted.
What is a Secure Laptop?
A secure laptop is a "business class" encrypted device with a pre-installed standard University desktop that complies with current security recommendations to protect sensitive corporate data.
What is the Secure Laptop Service?
This service will allow users to acquire the University standard desktop for a "standards compliant" security-enabled laptop with encryption. ISD has provided a minimum specification for laptops (including tablets and notebooks), see below.
Why Should I Use a Secure Laptop?
If you have access to sensitive information or the personal details of individuals and are retaining this information on your personal laptop (or will be purchasing a laptop with this intention), then you must ensure that the laptop conforms to the standard determined by the University's Information Systems Governance and Strategy Committee (see Background Information below).
Where can I get further information?
Full details are available on the Procurement web page:
What is the current Standard Specification?
|Processor||Intel Core i5-3210M (2.5/3.10 Turbo GHz)|
|Memory||4GB 1333MHz DDR3 RAM|
|Hard disk||320GB 7200rpm|
|Security||TPM chip - Encrypted pre delivery|
|Screen size||15.6" HD Non-Reflect Screen|
|Operating system||Windows 7|
I Already Have a Laptop. What Must I Do?
- If you do not store sensitive information and never plan to do so, then continue to use your laptop but ensure its physical protection by:
- checking your password is secure
- using a Kensington lock to physically secure the device to the desk
- ensure you use an unmarked bag to store and transport the device
- If you store sensitive information then ask yourself the question "Do I need to store this information on the laptop?" Alternative, and secure, methods of storing and accessing your information would be:
- If you store sensitive information and your laptop meets the current Standard Specification, then you can apply to ISD to have your laptop upgraded to incorporate encryption. Please complete the Application Form, omitting the purchase section, and send this to our Service Desk.
- When your device is due for replacement then:
- contact your local IT support team or the ISD Service Desk for guidance on the safe removal of all information from your hard disk drive
- ensure your replacement device is compliant with the prevailing University standards, including security requirements.
What Happens if I Choose Not To Use a Secure Laptop?
If you have access to business-critical University information or the personal details of individuals, then you must abide by University policies to ensure the security of that information. If, through non-compliance with these policies, this information be lost or made accessible to unauthorised persons then any breaches of policy, or deliberate non-compliance with standards and procedures, will be investigated, reported and could lead to disciplinary action.*
* extract from the University's Electronic Information Assurance Policy
University Information Assurance Policies
The University has developed a set of Information Assurance policies that all members of the University must abide by.
As part of the implementation of the University's Electronic Information Assurance Policy, the Information Systems Governance and Strategy Committee, at its meeting held on 11 May 2010 (see below), has directed that all portable devices purchased by the University must be capable of encryption.
For further information please refer to the document "Electronic Information Assurance Policy - Electronic Document Handling - Secure Storage and Archival Code of Practice" available at:
Extract from Information Systems Governance and Strategy Committee Meeting of 11 May 2010
10.67 Options for Controlling the Use of Portable Electronic Storage Media(minutes 10.53, 10.42)
The Committee received the Information Services Secure Portable Storage Devices and Encryption Project Brief for discussion (Paper No: ISG&SC/10/42). Mr Trimble reported that a revised briefing paper on the implications, whole-life costs and timescales for introducing controls for the use of portable electronic storage media would be presented to the June meeting. Following discussion, it was AGREED that:
- a centralised approach should be adopted for encrypting portable devices;
- an implementation date of September 2010 be adhered to for new devices, and the encryption of legacy devices be completed by December 2010, at the latest;
- in the absence of a database of what information was classified as 'sensitive', assumptions should be made and the encryption of devices should be prioritised accordingly;
- a pilot scheme for encrypting portable devices be introduced as soon as possible across a number of areas, to include the Research Office and Human Resources; and
- a Communications Strategy be developed to support the initiative; stating clearly why the encryption of portable devices was necessary.
How to obtain help
Cost (where applicable)
It is your responsibility to ensure that the laptop meets the minimum specification stated here.
Service Metrics (KPI/SLA statement)
Who can avail of the service?
All staff in the University
ICT Customer Services
- Secure Laptop
- Information Assurance
- Sensitive Information
- Data Protection