The UNE Disc encryption project is designed to protect UNE information held on UNE owned PCs.  This will be done using a standard MS Windows function – BitLocker.

Why do we need BitLocker?

Personal devices hold a large amount of potentially sensitive information.  Whilst this may be backed up to One-Drive or similar, it remains on the personal device.  Many site passwords may also be held on the PCs, either embedded in the Web Browsers or in installed applications.  This information is vulnerable if the device is lost or stolen and the ‘new possessor’ can bypass the basic device user authentication controls.  There are tools readily available that will enable this.

Both Microsoft and Apple have long recognised this as an issue.  In response:

Microsoft have developed BitLocker as their security encryption capability to protect data held on user devices.  BitLocker has been available for some 15 years and is well proven. It is centrally administered meaning the user does not see any impact on the way their PC operates. In the event of failure, it can be recovered centrally.

Apple, on the other hand have developed FileVault 2.  This is available in OS X Lion or later. When FileVault is turned on, your Mac always requires that you log in with your account password to decrypt and access data. FileVault 2, unlike BitLocker, is managed by the user and is not supported by Service Desk.

BitLocker at UNE

Deployment has been designed to be gradually phased in and there will be no visible impact to the user or device.  Recovery keys will only be required if/when Windows detects unauthorised access to the system drive.  The user will be then be prompted to contact UNE TDS Service Desk on X5000 to obtain the necessary recovery key.

The recovery process has been simulated during testing to ensure recovery is successful.  BitLocker was successfully tested by a User Acceptance Test group for over six weeks.

In Summary

UNE owned PCs and data will now be protected in the event of device theft or loss.  Implementation of BitLocker is transparent to end users who will only notice anything if there is an unauthorised attempt to access their PC.  Recovery keys are held by UNE and will support remote recovery in the event of system failure.

Questions and comments can be sent to Stewart Hayes on shayes31@une.edu.au