Who needs a Client Certificate (aka Digital Certificate)?

Individuals who process or work with sensitive data are the ideal candidates who should be using a client certificate to ensure that data when transmitted via email or other means is encrypted to prevent accidental disclosure.  These are high-level guidelines and provide only a broad outline of likely users. Consult with your desktop support staff or the Information Security Office if you have questions.

Examples:

• Researchers who have human subject information.
• Medical Staff who deal with HIPAA information.
• Faculty members who work with student information, aka FERPA.
• Any Faculty or Staff who wishes to email CATEGORY I data to their colleagues or others.
• When sending emails, you want to ensure that the recipients can verify that it was sent from you and your legitimate email account.

Client/Digital Certificate Caveats

Important facts regarding Client/Digital certificates:

• Available only to faculty and staff.   Student use may be considered in the future.
• The certificate is only valid for XX years.  After that, a new or renewed certificate must be requested.
  It is highly recommended that you request and obtain a new certificate before the previous one expires.
• Certificates are for use by individuals. Role-based certificates are not supported.
  This means that the name on a certificate is an individual name rather than a title, such as President, Provost, Professor, etc..
• These are for individual use and can not be used on a server.  Please see (DC) SSL Certificates.
• Certificates are not built into any Web or token-based authentication methods offered by ITS on campus at this time.