/
Encryption

This site is brought to you by the Electrical and Computer Engineering department

Encryption

Jun 29, 2021

There is already an extensive Wiki site managed by campus ITS to provide assistance to all users (TSCs, students, faculty, staff) with information on encryption policy and how to encrypt systems with UT Austin Approved Encryption Methods

General UT Austin Computer Encryption

Approved Encryption Methods for Laptops and Desktops

Approved Encryption Methods for Handhelds

Apple iOS Hardening Checklist

Google Android Hardening Checklist

For additional questions or assistance, please contact ECE-IT at help@ece.utexas.edu

Encryption Guidelines

If this is your Operating System...

Use this encryption solution...

If this is your Operating System...

Use this encryption solution...

Windows Operating Systems

Approved Encryption Solution

Windows 11

Not officially released but TPM will be required to run Windows 11

Windows 10 Pro/Enterprise

BitLocker with TPM (preferred) or without TPM (pre-boot authentication-legacy systems only)

Windows 8.1

BitLocker with TPM. Extended supported by Microsoft until January 10, 2023

Windows 7

Remove from Network, Inventory, and Upgrade System

Windows Vista

Remove from Network, Inventory, and Upgrade System

Windows XP

Remove from Network, Inventory, and Upgrade System

  • Effective immediately, ALL University-owned devices should be purchased with a Trusted Platform Module (TPM).  Please email help@ece.utexas.edu for unique systems that are being considered.

  • BitLocker note:  To use BitLocker, the device must be equipped with a Trusted Platform Module (TPM) chip, and it must be enabled.

  • Linux Encryption with LUKS:  TPM integration with LUKS is being investigated.

  • Devices without TPM "may" be encrypted with BitLocker, but will require an exception with the campus Information Security Office (ISO) and ECE IT Office.  Upon approval, recommendations will be made.

  • Effective immediately, ALL University-owned devices should be purchased with a Trusted Platform Module (TPM).  Please email help@ece.utexas.edu for unique systems that are being considered.

  • BitLocker note:  To use BitLocker, the device must be equipped with a Trusted Platform Module (TPM) chip, and it must be enabled.

  • Linux Encryption with LUKS:  TPM integration with LUKS is being investigated.

  • Devices without TPM "may" be encrypted with BitLocker, but will require an exception with the campus Information Security Office (ISO) and ECE IT Office.  Upon approval, recommendations will be made.

Apple Mac Operating Systems

Approved Encryption Solution

Apple Mac Operating Systems

Approved Encryption Solution

Mac OS X 10.14 (Mojave & above)

FileVault 2

Linux Operating Systems

Approved Encryption Solution

RedHat
CentOS
Ubuntu

Linux Unified Key Setup (LUKS) Encryption

Encrypting partitions of an existing installation with LUKS will most likely require a reinstall of the operating system as this option is only presented to users at install time. You are urged to make certain that you have complete and working backups of all data before beginning this process.

Encrypting partitions of an existing installation with LUKS will most likely require a reinstall of the operating system as this option is only presented to users at install time. You are urged to make certain that you have complete and working backups of all data before beginning this process.