University Policy on Encrypting Personal and Confidential Information

It is University policy that any personal and other confidential information that is outside our secure server environment with restricted user rights must be protected with properly implemented encryption.  This means that any personal desktops, laptops, tablets, smartphones, USB keys, etc. must not have personal or other confidential information unless they are securely encrypted.  This can help prevent any data breaches caused by lost/stolen hardware, although any system with personal and other confidential information must also be kept secure with restricted access, up-to-date software (including the OS), etc.

There are resources describing encryption and what types of information must be protected at: http://encrypt.utoronto.ca

If you have any questions please send email to requests@math.toronto.edu