Step 1: Find out if your device is compliant.
Use the MyDevices website to see a list of the computers that Stanford's records indicate are currently associated with you, along with their compliance statuses. If you see a device that is no longer in use or no longer associated with you, click the Remove button for that device.
Step 2: Choose the operating system of your non-compliant device.
Compliance is required for all macOS devices used by employees on the campus network.
Step 3: Determine if your device can be encrypted.
Supported Operating Systems
macOS 10.9 and above
Yes
Proceed to Step 4
Step 4: Do you (or will you) access or store High Risk Data using this device?
No
Proceed to Step 5.
Step 5: Which encryption service should you use?
For those Stanford and personally owned devices that are not compliant, choose and download the option that best meets your needs:
| Features | Encryption with Management | Encryption with Reporting |
|---|---|---|
| Verifiably encrypts computer | Yes | Yes |
| Complies with Stanford encryption requirement for High Risk Data | Yes | No |
| Deploys security patches and computer updates automatically via BigFix | Yes | No |
| Reports computer's encryption and screen saver status | Yes | Yes |
| Securely stores encryption key | Yes | optional |
| Supported Operating Systems | macOS 10.9 and above | macOS 10.9 and above |
| Download | Install SWDE for Mac | Install VLRE for Mac |
If your device cannot be encrypted:
Option 1: Upgrade or replace
If your device is not running a supported operating system, it cannot become compliant in its current state. You can do one of the following:
- Upgrade the operating system.
- Replace your device with one capable of running a supported operating system.
If you need assistance, contact your local support.
Option 2: Disavowal
Indicate that the device is no longer being used.
- Open mydevices.stanford.edu to see a list of devices and their compliance statuses.
- Click the Remove button for that device.
- Select the reason for removal and click the Submit button.
Option 3: Exception
Submit an exception request for computers that cannot support encryption due to special research requirements.
- Request a compliance exception.
- Your exception request will be reviewed within one week.
Option 4: No action
- Receive weekly email notifications until the device's enforcement grace period has expired.
- Campus network access will be restricted for any device that remains non-compliant after its grace period has expired.
Compliance is required for all Windows devices used by employees on the campus network.
Step 3: Determine if your device can be encrypted.
Supported Operating Systems
Windows 7 Enterprise or Ultimate
Windows 8 / 8.1 Pro or Enterprise
Windows 10 Pro, Enterprise, or Education
Windows 11 Pro, Enterprise, or Education
TPM required for Windows 8.0 and below
Yes
Proceed to Step 4
Step 4: Do you (or will you) access or store High Risk Data using this device?
No
Proceed to Step 5.
Step 5: Which encryption service should you use?
For those Stanford and personally owned devices that are not compliant, choose and download the option that best meets your needs:
| Features | Encryption with Management | Encryption with Reporting |
|---|---|---|
| Verifiably encrypts computer | ||
| Complies with Stanford encryption requirement for High Risk Data | ||
| Deploys security patches and computer updates automatically via BigFix | ||
| Reports computer's encryption and screen saver status | ||
| Securely stores encryption key | optional | |
| Supported Operating Systems |
Windows 7 Enterprise or Ultimate Windows 8 / 8.1 Pro or Enterprise Windows 10 Pro, Enterprise, or Education |
Windows 7 Enterprise or Ultimate Windows 8 / 8.1 Pro or Enterprise Windows 10 Pro, Enterprise, or Education |
| Install SWDE for Windows | Install VLRE for Windows |
If your device cannot be encrypted:
Option 1: Upgrade or replace
If your device is not running a supported operating system, it cannot become compliant in its current state. You can do one of the following:
- Upgrade the operating system.
- Replace your device with one capable of running a supported operating system.
If you need assistance, contact your local support.
Option 2: Disavowal
Indicate that the device is no longer being used.
- Open mydevices.stanford.edu to see a list of devices and their compliance statuses.
- Click the Remove button for that device.
- Select the reason for removal and click the Submit button.
Option 3: Exception
Submit an exception request for computers that cannot support encryption due to special research requirements.
- Request a compliance exception.
- Your exception request will be reviewed within one week.
Option 4: No action
- Receive weekly email notifications until the device's enforcement grace period has expired.
- Campus network access will be restricted for any device that remains non-compliant after its grace period has expired.
Compliance is required for all iOS devices used by employees on the campus network.
Step 3: Determine if your device can be encrypted.
Supported Operating Systems
Apple Device: iOS 10 or later
If your device cannot be encrypted:
Option 1: Upgrade or replace
If your device is not running a supported operating system, it cannot become compliant in its current state. You can do one of the following:
- Upgrade the operating system.
- Replace your device with one capable of running a supported operating system.
If you need assistance, contact your local support.
Option 2: Disavowal
Indicate that the device is no longer being used.
- Open mydevices.stanford.edu to see a list of devices and their compliance statuses.
- Click the Remove button for that device.
- Select the reason for removal and click the Submit button.
Option 3: Exception
Submit an exception request for computers that cannot support encryption due to special research requirements.
- Request a compliance exception.
- Your exception request will be reviewed within one week.
Option 4: No action
- Receive weekly email notifications until the device's enforcement grace period has expired.
- Campus network access will be restricted for any device that remains non-compliant after its grace period has expired.
Compliance is required for all Android devices used by employees on the campus network.
Step 3: Determine if your device can be encrypted.
Supported Operating Systems
Android Device: Android 6.0 or later
If your device cannot be encrypted:
Option 1: Upgrade or replace
If your device is not running a supported operating system, it cannot become compliant in its current state. You can do one of the following:
- Upgrade the operating system.
- Replace your device with one capable of running a supported operating system.
If you need assistance, contact your local support.
Option 2: Disavowal
Indicate that the device is no longer being used.
- Open mydevices.stanford.edu to see a list of devices and their compliance statuses.
- Click the Remove button for that device.
- Select the reason for removal and click the Submit button.
Option 3: Exception
Submit an exception request for computers that cannot support encryption due to special research requirements.
- Request a compliance exception.
- Your exception request will be reviewed within one week.
Option 4: No action
- Receive weekly email notifications until the device's enforcement grace period has expired.
- Campus network access will be restricted for any device that remains non-compliant after its grace period has expired.
Devices running Linux and Windows Phone are temporarily exempt from the encryption requirement.
Do not store High Risk Data without a formal exception.
