Unsupported Operating Systems

If a device can use whole-disk encryption that meets the UF Standards, than that must be used. If no such option is available, the device still must be encrypted and alternative whole-disk encryption may be used. An example of this situation is a new version of an Operating System that UF-supported encryption software does not yet support.  Once a supported and UF Standard-compliant solution becomes available, it must be implemented to replace the non-standard encryption.

If a non-standard encryption is used, the unit must document the encryption using the Encryption Form, which must be retained for 10 years.

The elements that must be documented are:

  • Name of unit providing the encryption service
  • Name of individual performing the encryption installation
  • Name of individual that is the primary device user
  • Name of the UF unit the device user has primary affiliation with
  • Ownership of the device (UF-owned or personally owned)
  • Date and time device had whole disk encryption installed and activated
  • Make, model, serial number, UF asset tag number (if applicable) of the device
  • Operating System including version number
  • The name, vendor and version of the encryption software used
  • Statement indicating the following, “Device was encrypted with whole disk encryption”.