Click for Text-Only version
Back to CUA Home
CUA Center for Planning and Information Technology
 
 
Collage of Pictures

Getting Started

Computing Help

Virus, Security and Privacy
Antivirus
Security and Advice

Teaching and Research

Administrative Systems

Institutional Research and Assessment

ResNet

Digital Media Services

About Us

CUA Home    Home    Site Map    Contact Us    Text Only     Calendar

Tips for Encrypting Data in Common Programs

The safest place to work on sensitive data is on your CUA staff or faculty computer, while on campus. The safest way to work on sensitive administrative data is through the administrative system interface, not by downloading it into a file or another program. However, in the event that you must take sensitive data with you off campus or temporarily store it on a portable device such as a notebook computer, external disk drive, USB flash drive, DVD, or CD-ROM, there are some steps you can take to encrypt the data to protect it.

Contents

What is Encryption? Is it the same as password protection?

Encrypting data is a process wherein the actual text of your files is replaced by apparently random letters, numbers, and punctuation.  With the correct password, however, this "random" data can be translated back to readable information.

Example:

John Doe's Student ID is 1234567

might encrypt to

a3489nvnaw23k4sfnak32oinsfaoe32mfawefa

Now, even if someone were to steal the data, they cannot make use of it without the password you used to encrypt it.

This process is not precisely the same as password protecting information, but in general putting a password on a file implies that its content will be encrypted, and encryption requires a key - typically a password.  So, you are usually safe in equating the two processes.

Back to top ^

Best practices for encryption and password protection

There are some risks and pitfalls with encryption that you should be aware of:

  1. Don't encrypt your only copy of data.  If you download a report that you need to transport by USB flash drive, save a copy of the data on the flash drive in encrypted format.  Leave the primary report in the original system that created it.  For example, if you need to transport a report from Cardinal Financials, save the report in encrypted format directly to the flash drive.  You can retrieve the original report from Cardinal Financials.

  2. Don't forget your password. Most advanced encryption tools cannot be reverse engineered; if you forget your password, the file is useless.  This is the basis for rule 1.

  3. Encrypt data on portable media regardless of how far it is going.  The majority of data loss through theft occurs on the original premises, not while on the road.  If you put a report on a laptop that is "never supposed to leave campus," make sure it is encrypted.  Experienced theives work college campuses where technology is plentiful and the environment less controlled than in a corporate office.

Back to top ^

Encryption for Microsoft Word and Excel files

Documents created in Microsoft Office 2003 applications such as Word or Excel can be saved with encryption.  To do so, follow these steps.

  1. Select File from the menu and then select Save As.

  2. In the Save As dialog window, click the Tools pulldown menu in the upper right corner, and then select Security Options.

  3. In the Security dialog window, in the "Password to open" box, type a strong password, and then click the Advanced button.

  4. In the Encryption type dialog window, scroll through the encryption types, and select "RC4, Microsoft Strong Cryptographic Provider."  Verify that the key length is set to 128 and that the "Encrypt document properties" box is checked.  Then click OK.

  5. Click OK in the Security dialog box.  Office asks you to confirm the password you selected by typing it again.

  6. Now go ahead and click Save in the Save As dialog. The document will be encrypted with a strong cypher using the password that you specified.

When you open a document that you have saved with encryption, Office prompts you for the password. You can then edit the document. It will be re-encrypted automatically when you select File, Save.

Don't forget the password that you used to encrypt the document, since it cannot be recovered. If you do forget it, the file is unusable.

Please note that Microsoft Office 2003 files encrypted in this way on Windows cannot be opened in Office 2004 for Macintosh on Mac OS X.

If you need to encrypt Microsoft Office documents for university business or academic research purposes and you are still running Office 2000, please ask your department head to submit a support request ticket online requesting that your computer be evaluated for an upgrade.



Back to top ^