Delete or Encrypt Confidential Information
Removing unnecessary information and encrypting confidential data stored on your computer can help prevent an attacker or thief from stealing your identity and compromising your data. Below is an outline of the steps you should take to secure the data on your computer.
- Using FileVault to Encrypt your Home folder
- Identify the data on your computer
- Delete confidential data you no longer need
- Encrypt confidential data
- Secure Virtual Memory
- Clear temporary files and other stored data
- Securely delete files and erase free space
Note: PDAs and handheld devices pose the same risk as desktop and laptop computers. Users should be aware of the sensitive data that may be stored on these devices and take the necessary precautions to delete and encrypt confidential data. Click here for specific recommendations for such devices.
Using Filevault to Encrypt your Home folder
We reccommend using Filevault, a utility that's built into the Mac OS, to encrypt your entire home folder. To learn how to set up Filevault on your machine, please read our page on Filevault. Using Filevault is our officially recommended method of protecting confidential data; if you cannot or do not want to use Filevault, then follow the steps outlined on this page to delete confidential data and encrypt in other ways.
Alternative Encryption Methods:
Identify the data on your computer
First and foremost, identify the data on your computer. This may sound obvious, but it's likely you have stored files you forgot about, didn't know existed, or which contain sensitive information that may need to be encrypted. If you're not familiar with the files on your computer, take the time to inventory the contents.
Personally identifying information and college confidential data stored on computers must be encrypted. For more information, please refer to our page on identifying confidential data.
Delete confidential data you no longer need
Confidential data should not be stored on your computer unless it is absolutely necessary. Delete any confidential data you no longer need and then follow our guidelines for securely deleting files and erasing free space on Mac and Windows to insure that the data can’t be easily recovered.
Encrypt confidential data
If you must store confidential information, encrypt the data.
- Macintosh users running OS 10.7 or higher should follow our instructions to use Apple's Filevault encryption system.
- Those running an older Macintosh OS should follow our encryption instructions for Disk Utility.
- Windows users should follow our instructions for using BCArchive.
The encryption methods suggested here offer very good security. But if you forget or lose the password, there will be no way to recover the data. If you are encrypting unique information that is expensive or impossible to replace, you should be sure to keep an up-to-date unencrypted copy.
We recommend storing the unencrypted version on a dedicated USB thumb drive. Keep the unencrypted copy in a secured location, such as a locked cabinet, and keep it physically separated from the encrypted version.
Under no circumstances should a thumb drive be used to store unencrypted confidential information while traveling.
It is also vital to make regular backups of your encrypted data, just as you would with any other important files.
Secure Virtual Memory
Virtual memory writes temporary data to your hard drive to make retrieval of information much faster. This virtual memory can contain confidential data, so make sure your virtual memory is encrypted. For more information, please follow our step-by-step instructions.
Clear temporary files and other stored data
Your computer may also be storing sensitive information without your direct knowledge, such as cached browser history, emails, etc. We have documented the ways you can remove the majority of these files on Mac and Windows computers.
Note: It's difficult to remove ALL temporary files containing sensitive information. If you need a more secure solution, talk to CUS about using an encrypted user account, like FileVault.
Securely delete files and erase free space
After you empty the trash, deleted files may still be recoverable with specific software. Securely deleting files and securely erasing free space will help prevent the recovery of data if your computer is stolen. For more detailed information, please visit our Mac and Windows instruction pages.
Note: Mac OS 10.4 can keep a copy of your files in a "Recovered Files" folder in the trash. If you have been working on encrypted files or other sensitive data and see this folder in your trash, you should use the Secure Empty Trash option to securely erase them from your computer.
If you have questions or concerns about securely deleting or encrypting confidential data, please contact Computer User Services (or ACS for administrative staff).