The University established a requirement to verifiably encrypt all Windows and Mac computers, as well as Apple and Android mobile devices that are used by employees on the campus network.
All devices covered by the security mandate must be encrypted using the operating system's native encryption facilities. For Mac OS FileVault 2 is required, and for Windows desktop operating systems BitLocker is required. Mobile iOS and Android devices must be encrypted using their available built-in technologies.
For Mac OS and Windows devices, either BigFix or VLRE must be installed in order to verify encryption in an ongoing way that can be centrally audited. Devices that have access to High Risk Data must have BigFix installed and be configured for Stanford Whole Disk Encryption (SWDE) settings management .
All faculty, staff and postdoc Apple and Android mobile devices used for Stanford activities on the campus network are subject to the verifiable encryption requirement. Mobile Device Management (MDM) is Stanford's mobile device security solution.