If your desktop contains Confidential or Restricted information, you are required by University guidelines provided by the FIPP office to encrypt your hard drive.

Who can help you?

There are a number of different operating systems in use at the University of Toronto.

Please consult your campus IT department,  your divisional or departmental IT personnel as a first resource, as they may have procedures that will simplify managing encryption for you.

For example,  I+TS on the ST George campus provides a full disk encryption solution. Full disk encryption encrypts all of the data on your hard drive in a single, initial pass called ‘conversion’ and once this conversion is complete, all subsequent encryption and decryption operations are transparent to the user. Full disk encryption is widely regarded as the best practice for ensuring the confidentiality of data-at-rest because it protects every file and all the data that is saved on your disk. This includes operating system files, temporary data, recycled files and the Windows registry; even the paging and hibernation files are encrypted.

Other IT groups provide the same service

What is Available?

Windows Bitlocker

  • Available only for Windows 7 Ultimate and Enterprise Editions
  • Centralized management of keys
  • Pre-installed, only needing to be turned on
  • Available through campus-select agreement with Microsoft

Apple Filevault

  • Available on latest Mac versions  (10.7 or later)
  • Pre-installed, only needing to be turned on
  • Uses system password and recovery key
  • Ask your IT group – they may have ways to manage your recovery key. If you forget both your password and recovery key, the data will be lost.


  • If you run your own Linux system, most distributions provide home directory and disk encryption.

Please discuss this with your IT professionals.