All new computer replacement program (CRP) laptops will be encrypted prior to delivery.

Anyone who purchases a department-funded laptop must contact ITAC to have the laptop encrypted. Where applicable, ITAC will involve the department’s technical support person (TSP) to aid in software installation, encryption set up, and end-user registration.

In an effort to encrypt as many laptops as possible, ITAC will undergo the below initial laptop encryption effort:

1. ITAC will contact each department's inventory account manager and provide a list of all laptops in that department that require encryption. 
2. Within a two-week time frame, the account manager should reply to ITAC's inquiry by returning the Excel document template identifying the following information of the Texas State employee who is the primary user of each laptop on the inventory list. 
   • Name
   • NetID
   • Phone
   • Location
   • Whether or not the laptop is the employee's primary computer
3. ITAC will send a request to each laptop owner to present the encryption options and request a respond to make an appointment to encrypt their laptop.
4. Options will be defined in the service request ticket and the laptop owner should respond within two weeks with their selection.
5. From that point, ITAC will work closely with the laptop owner to ensure that the encryption process is a success.
6. A security enabled Device Encryption label will be affixed to the laptop indicating that it has been encrypted.

Important Notes: 

• Do not remove the Device Encryption security label. 
• Do not assume that the device is encrypted simply because the laptop has a label.  If you reimage the laptop or reload the operating system, you will need to contact ITAC to have the device encrypted once more. Protecting data via laptop encryption is everyone's responsibility.
• While the laptop is encrypting, do not allow it to go to sleep or shut off. This will disrupt the encryption process.

After the first round of laptop encryption is complete, it will be the responsibility of the laptop owner and the department inventory account manager to ensure that all laptops are encrypted and stay encrypted. 

Any new laptop that gets added to an inventory list must have encryption on it to protect university and personal data.  If a laptop is reimaged or has a new operating system installed, someone from your department must contact ITAC to encrypt the device.  See the encryption options below.

The Process:

1. When prompted by ITAC through a service request ticket, you reply and make an appointment for a specific date to drop off your laptop at the ITAC Walk Up Center.
2. ITAC backs up your data and installs McAfee Endpoint Encryption software.
3. ITAC enables encryption on the laptop and all of your files move through the encryption process.
4. ITAC contacts you when the computer is ready and when you pick it up, ITAC walks you through the initial log in process.
5. Once ITAC has verified that your data is restored and the laptop is encrypted, we will destroy the data back up. 

Approximate turnaround time:  3 business days

Advantage of Choosing Option #1:

Allowing ITAC to fully provide this encryption service will ensure that your data is backed up, that encryption is installed and fully operational, and that you fully understand how encryption works on your laptop.  There is no charge for this service.

The Process:

1. When prompted by ITAC through a service request ticket, you reply and make an appointment for a specific date to drop off your laptop at the ITAC Walk Up Center.
2. ITAC backs up your data and installs McAfee Endpoint Encryption software.
3. ITAC enables encryption on the laptop.
4. While your files are being encrypted, ITAC will contact you to pick up your laptop.
5. Once the encryption process is complete, follow these steps to get set up and log in for the first time.
6. Follow these steps to check the encryption status and ensure that your laptop is fully encrypted.
7. Once complete, you will work with ITAC to obtain and affix the Device Encryption security label on your device.
8. After ITAC has verified with you that your data is restored and the laptop is encrypted, we will destroy the data back up.

Approximate turnaround time:  Same business day

Advantage of Choosing Option #2:

Allowing ITAC to begin this encryption service for you will ensure that your data is backed up, that encryption software is installed, and that the encryption process has begun.  There is no charge for this service.

Disadvantage of Choosing Option #2:

You will be responsible for ensuring that the encryption process completes, that the device is actively encrypting, obtaining a Device Encryption security label, and that you set up your account and understand how the process works.

The Process:

1. You or your department TSP are responsible for backing up your data.
2. When prompted by ITAC through a service request ticket, you reply and make an appointment for a specific date to for ITAC to remotely install McAfee Endpoint Encryption software on your laptop.
3. ITAC enables encryption on the laptop and all of your files move through the encryption process.
4. Once the encryption process is complete, follow these steps to get set up and log in for the first time.
5. Follow these steps to check the encryption status and ensure that your laptop is fully encrypted.
6. Once complete, you will work with ITAC to obtain and affix the Device Encryption security label on your device.

Approximate turnaround time:  Same business day

Advantage of Choosing Option #3:

Encryption can be installed remotely, so you do not need to leave your laptop with ITAC for any period of time.

Disadvantage of Choosing Option #3:

You are responsible for backing up and restoring your own data on the laptop.  You are also responsible for ensuring that the encryption process completes, that the device is actively encrypting, obtaining a Device Encryption security label, and that you set up your account and understand how the process works.