Encryption

KU Medical Center and Kansas University Physicians, Inc. require that any "mobile PC" (laptop, tablet, etc.) used for any aspect of University or KUPI business be encrypted, including student-purchased tablets.

McAfee Endpoint Encryption (also called "MEE") provides full-disk encryption that protects data stored on the laptop regardless of where it has been saved on the hard drive. MEE protects the information in the event that the laptop is lost or stolen; however, it does not protect information sent via email or stored on other media such as USB thumb drives, CDs or DVDs.

All newly purchased mobile PCs must be encrypted prior to being used for any University or UKP business.  If you acquire a mobile PC that has not yet been encrypted, you must call Customer Support at 913-588-7995 and arrange to have it encrypted before you use it.

With the exception of UKP-owned HP tablets, Information Resources also will install the CompuTrace device-tracking software if your laptop supports it (older models do not) and it has not been installed previously.  CompuTrace enables the identification and retrieval of lost or stolen mobile PCs and, if necessary, disabling the device to prevent compromise of the information stored on it.

Q. Why encrypt?

A. Encryption makes information unintelligible. Full disk encryption (which KUMC is implementing) makes it impossible to inadvertently store information in an unencrypted state.  If you have a password on your unencrypted laptop and it is stolen, the most that a thief has to do to compromise your information is remove the hard drive and install it in another computer.  With encryption, information cannot be compromised.

Q. Do I have to encrypt my laptop with McAfee Endpoint Encryption (MEE)?

A. Yes, all laptops that are used for any aspect of University business, regardless of how it was acquired or funded, must be encrypted.  Once your mobile PC has been encrypted, you will enjoy the peace of mind that comes from confidence your information will not be compromised in the event of loss or theft. 

Please note that personal laptops that were purchased with personal funds are not included in this requirement.  

Q. What University or KUPI policies cover the use of encryption on our laptops?

A.  The relevant KUMC policies that cover the use of encryption are:

Mobile Device Security
Sensitive Information in Electronic and Paper-based Systems

Q. What happens if I forget my password?

A. Contact Customer Support at 913-588-7995 to get a one-time password that will allow you to login to the laptop.  You will need to provide proof of identity in the form of a picture ID.

Q. I changed my KUMC network password and now I can't login to my laptop.

A. You will need to synchronize your MEE password with you new KUMC network password.  To do this, log into MEE with your previous password and then, when prompted, enter your new KUMC network password to log into Windows.  MEE will then synchronize to match your new KUMC password and you can use the new password to login to MEE for any future logins.  If you are unable to login with either your previous or new passwords, contact Customer Support at 913-588-7995 for assistance.

Q. My student tablet has a Windows username that is different from my KUMC network username.  How do I change my password?

A.  If your username on your tablet does not match your KUMC username, you will not be able to use single sign-on and you will always have to enter two passwords: (1) your MEE password to unlock the laptop, and (2) your Windows username and password. You can use the same password for both logins if you wish.

To change your MEE password:

  1. From the MEE screen when you first power on your laptop, enter your KUMC username and then click on the "Change Password" checkbox .

To change your Windows password:  

  1. Log into Windows, press CTRL-ALT-DEL and select "Change Password".

It is possible to change your Windows username to be the same as your KUMC network username.  Contact Customer Support at 913-58-7995 for assistance.

 

Q. Does McAfee Endpoint Encryption have any effect on my Windows applications?

A. No, MEE's encryption is transparent to the Windows operating system.

Q. Will McAfee Endpoint Encryption affect my laptop's performance?

A. No, encryption will have a very small impact on your laptop performance when writing files. 

Q. Does McAfee Endpoint Encryption work on a Macintosh laptop?

A. McAfee currently does not have a version of the MEE encryption software that can be installed on Apple laptops.  We expect to have this capability by December, 2011.

Q. Does McAfee Endpoint Encryption encrypt network drives or USB thumb drives?

A. No, MEE only encrypts the local hard drives contained within your laptop.  If you have a need to encrypt files on KUMC network servers, USB thumb drives or other media, please contact Information Security at 913-588-3333.

Q. Can I re-partition my laptop or have multiple boot partitions?

A. McAfee Endpoint Encryption can support this scenario, however, you will need to contact Customer Support at 913-588-7995 to discuss the use of non-standard settings.  Changing the partitioning on an already-encrypted device without approval from Information Security is a violation of the University's Appropriate Use of Information Systems policy and will render the device unusable.

Q. Is it possible to "re-image" a laptop when it has McAfee Endpoint Encryption installed?

A. Information Resources can temporarily remove MEE in cases where it is necessary to do so for troubleshooting purposes.  Formatting or re-imaging a laptop will remove MEE as well as the encrypted data that was on the hard drive.  Laptops with MEE installed and then removed will fail to check in with KUMC's MEE server, and Information Resources will follow-up to ensure that MEE is reinstalled as soon as possible.

Q. Can you encrypt my PDA, smartphone or other mobile device?

A. There are currently no plans to encrypt either University-owned or personally-owned PDAs and SmartPhones; however, as outlined in the University's Mobile Security policy, they should not be used to store sensitive information.  If you regularly send or receive email that contains sensitive information, you should NOT synchronize your KUMC email to your personal smartphone or PDA.

Q. Who should I contact if I have additional questions about McAfee Endpoint Encryption?

A. Faculty, staff or students with questions about MEE that are not covered by this FAQ, should contact Customer Support at 913-588-7995 for additional assistance.


Last modified: Feb 11, 2013
ID=x1731