YALE-MSS-7.2.1: Ensure decryption methods are available upon request by a university official

Standard:
YALE-MSS-7.2: Encrypt all electronic storage devices

Low Risk Endpoint Not Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Not Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Not Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Not Required Moderate Risk Network Printer Required High Risk Network Printer Required

Details

Details and definitions

Yale recognizes that there may be a legal, regulatory, or business need to monitor and decrypt data. Any method used to encrypt Yale data must have a decryption method available upon request by an authorized University official.

Guidance

If requested, provide the encryption key (e.g. through a secrets manager) or be able to provide the data unencrypted.

This requirement is satisfied if the device is enrolled in the Managed Workstation program or Yale's Secure USB service.

Critical vulnerability in all versions of Linux.

YALE-MSS-7.2.1: Ensure decryption methods are available upon request by a university official

Standard:YALE-MSS-7.2: Encrypt all electronic storage devices

Details

Standard:
YALE-MSS-7.2: Encrypt all electronic storage devices