LITS Resource Center
Last updated: January 28, 2021
Q:What is full disk encryption?
A: Full disk encryption provides a critical layer of security to the files saved on your computer in the event of loss, theft, or other unauthorized access. It is a process that converts data into an unreadable form that can be accessed and understood only when you enter a separate PIN/password.
Q: How will the hard drive be encrypted?
A: We will configure software on your computer that will encrypt and protect the hard drive and data. On Windows computers we are using Microsoft’s BitLocker and on Mac OS X computers were are using Apple's FileVault 2.
- At startup, you will see the BitLocker screen where you must enter a self-selected your PIN.
- This PIN is not synchronized with your Hamilton password
- The PIN is a password/passphrase is 4 - 20 characters long
- The use of non-English characters or keys that differ in position from the EN-US keymap are not supported
- Enter your Hamilton password on the Windows login screen
Mac OS computers:
- At start-up you will see the FileVault 2 login prompt that is similar to the Mac OS start-up screen where you will enter your Hamilton password
- The computer will now boot to the desktop of the account that just unlocked the computer.
Q: Why are we doing this?
A: This is part of Hamilton's comprehensive plan for improving information security on campus. Full disk encryption provides a critical layer of security to the files saved on your computer in the event of loss, theft, or other unauthorized access. It is a process that converts data into an unreadable form that can be accessed and understood only when you enter a separate PIN/password. If your computer is lost or stolen the files on your computer cannot be accessed without your PIN/password or a Recovery key available from the LITS Help Desk.
Q: What computers will be encrypted?
A: This applies to all Hamilton College institutionally owned laptop and desktop computers, except those used as lab computers or as a shared resource which requires multiple account logons.
Q: Can I schedule an in-person appointment to have my computer encrypted?
A: If you need your computer encrypted before we get to your department, you can schedule an appointment with a member of the Desktop Integration Services (DIS) Team to have encryption enabled on your device. You can schedule an appointment by contacting DIS, at x5347 or by emailing email@example.com. You need to be present at the appointment which will take between 15-30 minutes.
Q: Will this slow down my computer?
A: No, you should not experience any noticeable difference in the performance of your computer.
Q: I forgot my PIN/Password and now I can’t logon to my computer, what can I do?
A: Please call the LITS Help Desk for assistance 315-859-4181 during normal business hours.
Q: Can users travel to another country with an encrypted laptop?
A: Yes. While the US Federal Regulations controls the export of “encryption commodities,” in many cases you can get a license that allows you to take your encrypted device with you provided you return within a year and retain effective control and ownership of the device. Users are highly encouraged to check with the State department with regards to encrypted devices and travel to other countries before leaving with the device.
Q: Do I still need to use the College’s VPN if my laptop is encrypted?
A: Yes, encryption protects the data that is stored on the internal drive. The VPN provides a secure Internet connection to on-campus resources while away from campus.