USB External Drives and Encryption

WHY:  Stanford University security policies require the transport of storage of sensitive data must be on encrypted physical media.  If you must transfer or store sensitive data on a physical medium and cannot use other secure data transport methods, that media must be encrypted. The loss or theft of this type of USB device could have serious consequences to the University as well as to you personally.  While it has long been policy to use only encrypted media, the School of Medicine has only recently begun to apply technical controls to prevent it.

WHAT:  If in your role at Stanford School of Medicine, you may access or receive High Risk data, security software Endpoint Protector by CoSoSys is deployed to ensure that you can only copy from your computer to encrypted USB media.  You will still be allowed to copy from any drive to your computer.

TDS can provide one encrypted Apricorn SecureKey to School of Medicine personnel to work with sensitive data.  If you don't already have one, you can request one using the button below or stop by the nearest TDS Tech Bar to pick one up.   

You can manually encrypt your external USB drive using your operating system's native encryption software. 

For Macs:  https://support.apple.com/guide/disk-utility/encrypt-protect-a-storage-device-password-dskutl35612/mac

For Windows:  https://www.windowscentral.com/how-use-bitlocker-encryption-windows-10

(Note: Some methods require erasing the drive, so be sure to back up necessary information beforehand.  Also, it's possible there may be problems with compatibility using the encrypted drive on an older computer.)

If your drive is already encrypted with BitLocker or Filevault, CoSoSys Endpoint Protector can recognize native encryption automatically.  You will still get a pop-up but just click OK so you can write to it.