* About: Full disk encryption (FDE)


Service overview | Who can use it | How to request & access | Cost | Availability | FAQs | Best practices & policies | Training & documentation | Support

Service overview

Encryption is a means of protecting data stored on your computer so that it is inaccessible to unauthorized users. It protects information by converting it to an unreadable format that cannot be easily deciphered by unauthorized users. Full disk encryption (FDE) protects all files and data saved to disk, including the operating system, executable files and documents.

FDE offers the highest level of security and privacy and is therefore highly recommended for all users. In case your computer is stolen or left unguarded, no one will be able to access your encrypted files without entering the password (usually referred to as an encryption key).

The installation of FDE will create a recovery key (a 48-digit, unique numeric code). This key will be necessary in order to access encrypted data on a computer.  

All centrally managed computers are deployed with BitLocker by default.

FDE for Windows is made up of 2 key components, BitLocker and the Azure portal. BitLocker, the encrypting engine, is part of the Windows operating system. As such, it should not affect the performance or functionality of affected computers. BitLocker recovery keys are stored, managed, and retrieved using the integrated functionality of the Windows operating system. The installation and configuration of FDE will create a recovery key (a 48-digit numeric code) used to decrypt your data. One example of when this key would be required is for restarting in “Safe Mode”. If you lose the recovery key, you can retrieve it from the Azure portal, by contacting the IT Service Desk, or local technical support staff.


Who can use it

Faculty and Staff with McGill-owned PCs.


How to request & access the service

All managed computers newly provisioned by IT Services are encrypted by default.

Users may request to have BitLocker enabled on their McGill-managed computers by contacting the IT Service Desk, or local technical support staff.


Cost

There is no associated cost for this service.


Availability

This service is available 24 X 7.


Frequently asked questions


Best practices & policies

See best practices from the Government of Canada's Canadian Centre for Cyber Security: Using Encryption to Keep Your Sensitive Data Secure.


Training & documentation

See How to recover an encryption key for a computer with full disk encryption.


Support

If you need assistance to recover your encryption key, contact the IT Service Desk.