Encryption provides protection by ensuring that only someone with the relevant encryption key (or password) will be able to access the contents.
- Disk level: Bitlocker for Windows, FileVault for MacOS
- 2 minute video: Encrypt a portable drive with BitLocker
- “container” level (a folder containing multiple files): Veracrypt for Windows, Archive or IZip for MacOS (see also Disk Utilities, more information)
- See the Veracrypt starter manual on how to get started
- Portable storage: Bitlocker
- File level / Exchange information
MS Office encryption from Office 2016 onward uses AES-256 and is considered secure.
Alternative for multiple files: 7zip (AES-256 encryption), and pack with a password
More complicated to setup: PGP tooling (can also be used to securely send email)
- For very sensitive data you can use LANCrypt (which only works on campus and you will need support from IT).
Password managers*
*Information taken from the TU Delft guidance on NetIDs and passwords (pdf)
Password managers simplify the process of creating, storing and managing passwords.
You only need to remember one password
Synchronisation across devices
Automated generation of secure passwords
Encryption of stored passwords
Identification of potentially non-secure and compromised passwords
Keep in mind
Data encryption is not a substitute for other data protection strategies (access control).
The encryption is only as strong and secure as your chosen password.
If the encryption key is lost, the disk image gets corrupted, or the hard disk fails, any encrypted data will be lost.
More information
https://www.tudelft.nl/en/it-manuals/working-remotely/encryption
Ghent University Encryption manual with detailed steps for Veracrypt
Why a good password is essential for your online security by Johan Brandenburg (Faculty Security Information Coordinator)