Standard:
YALE-MSS-7.2: Encrypt all electronic storage devices
YALE-MSS-7.2.1: Ensure decryption methods are available upon request by a university official
Low Risk Endpoint
Not Required
Moderate Risk Endpoint
Required
High Risk Endpoint
Required
Low Risk Server
Not Required
Moderate Risk Server
Required
High Risk Server
Required
Low Risk Mobile Device
Not Required
Moderate Risk Mobile Device
Required
High Risk Mobile Device
Required
Low Risk Network Printer
Not Required
Moderate Risk Network Printer
Required
High Risk Network Printer
Required
Details
Yale recognizes that there may be a legal, regulatory, or business need to monitor and decrypt data. Any method used to encrypt Yale data must have a decryption method available upon request by an authorized University official.
If requested, provide the encryption key (e.g. through a secrets manager) or be able to provide the data unencrypted.
This requirement is satisfied if the device is enrolled in the Managed Workstation program or Yale's Secure USB service.