Skip to content Skip to site navigation Skip to service navigation

Stanford Whole Disk Encryption (SWDE)

Protect your personal information and Stanford's data in the event your computer is lost or stolen

Stanford Device Registration has launched

Stanford Device Registration  brings the functionality of Stanford Whole Disk Encryption (SWDE), Device Enrollment, the Stanford Network Registration Tool (SNRT), and Compliance Checker into one place, so you no longer need to download various apps to achieve device compliance. To support the transition, you'll continue to have access to SWDE and Device Enrollment. However, these apps will eventually be retired. Learn more.

Note for School of Medicine faculty, staff, and students

Please use the instructions on the Data Security Program for the Stanford School of Medicine site to implement the Stanford University security requirements.

Encrypting your laptop and desktop computers using the Stanford Whole Disk Encryption (SWDE) service is the single most important step you can take to protect your and the University’s data in the event the device is lost or stolen. 

The SWDE service is for both Windows and Macintosh desktop and laptop computers that support native encryption. Once installed, all files are automatically encrypted. The data is protected while the computer is in standby or hibernation mode as long as the hard disk is password protected.

The University established a goal of verifiably encrypting all faculty, staff, and postdoc Windows and Macintosh computers.  This requirement applies to both Stanford and personally owned computers that are used for Stanford activities on the campus network, other than those granted exceptions due to special requirements

Features

  • Only those with password access to the system are authorized to access the data, which protects the data if your computer is lost or stolen.
  • Every computer using SWDE automatically checks in with a logging and administrative server on a regular basis. In the event of loss or theft of a computer with High Risk Data, Stanford policy requires notification of the Information Security Office (ISO). ISO in turn will use the logs to determine if a lost or stolen computer is a "reportable" event, possibly requiring notification of persons whose data may have been lost or stolen.
  • In the event you lose or forget your password, a self-service process to recover your encryption key is available.
  • If necessary, the whole disk can be unencrypted (with the assistance of your local IT support).

Note: Computers on which you access or use High Risk Data must run SWDE. Computers on which you access or use other types of Stanford data (i.e., Moderate or Low Risk Data) are recommended to run SWDE but can run the VLRE application, which periodically reports on the computer's encryption status.

Designed for

Current faculty and staff

Requirements

  • Mac: Mac OS X 10.9 or later
  • Windows:  Windows 7 Enterprise or Ultimate, Windows 8/8.1  Pro or Enterprise, or Windows 10 Pro, Enterprise, or Education (TPM chip required for Windows 8.0 and below)
  • BigFix must be installed.

Data security

May be used to store Low, Moderate, and High Risk Data, as defined by the Information Security Office.

Rates

Free of charge

Get started

To get started, you'll need to download and install SWDE.

Get help

For assistance, please submit a Help ticket or call (650) 725-4357.

Learn more

For IT professionals

See also

Last modified October 5, 2023