Purpose

The purpose of this policy is to provide guidance that limits the use of encryption to those algorithms that have been proven to work effectively.

Scope

This policy applies to all Marquette University employees and affiliates.

Policy

University faculty and staff are encouraged to encrypt files, documents, and messages containing sensitive or confidential university information for protection against unauthorized disclosure while in transit. 

However, any encryption performed on university systems must use proven standard algorithms, and such encryption must permit properly designated university officials, when required and authorized, to decrypt the information.

Proven, standard algorithms should be used as the basis for encryption technologies. Examples of standard encryption tools include:

  • Pretty Good Privacy (PGP) uses a combination of IDEA and RSA or Diffie-Hellman.
  • Secure Sockets Layer (SSL) uses RSA encryption.

The use of proprietary encryption algorithms is not allowed for any purpose, unless reviewed by qualified experts outside of the vendor in question and approved by Information Technology Services.  Be aware that the export of encryption technologies is restricted by the U.S. Government. Residents of countries other than the United States should make themselves aware of the encryption technology laws of the country in which they reside.

Enforcement

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

Definitions

  • Proprietary Encryption:
    An algorithm that has not been made public and/or has not withstood public scrutiny. The developer of the algorithm could be a vendor, an individual, or the government.
  • Symmetric Cryptosystem:
    A method of encryption in which the same key is used for both encryption and decryption of the data.
  • Asymmetric Cryptosystem:
    A method of encryption in which two different keys are used: one for encrypting and one for decrypting the data (e.g., public-key encryption).

