Skip to end of metadata
Go to start of metadata

Alerts

No Alerts at this time.

E-mail: security@lbl.gov

Encryption Recommendations

Overview

Support for email and file encryption at Berkeley Lab is best effort only. Below are Cyber Security team's recommendations, not Berkeley Lab standards.

Remember that Personally Identifiable Information (PII) and Health Information as defined may only be stored in the central business systems approved for PII (HRIS, FMS, etc).

If you hold sole source institutional information under encryption, you must archive your key and passphrase with your supervisor, two different individuals, or a designee. This is required in order to allow recovery of sole source institutional information in the event that it is deemed necessary by the Laboratory.

Encrypting Email

PGP is the most common and easiest way to encrypt email. Cyber Security recommends using , which works with Gmail.  You can upload your key to https://pgp.mit.edu/.  This is not an officially IT supported services, but if you email security@lbl.gov we can try to help. If you want to send us a test message, our key is here. 

Encrypting Files

PGP

Using PGP or a PGP application, such as Mailveloped mentioned above, you can encrypt files.

Built-in

Many modern operating systems have built-in capabilities to encrypt files. The use of these built-in capabilities is a recommended.

Utilities - the following utilities can be used to encrypt files.

  • is a utility that can be used to password protect (encrypt) and compress a file.
  • Password protected MS Office documents Your colleague password protects an Office document and calls you with the password. MS office encryption is not robust and is easily breakable, however, this may be sufficient for transmitting Official-Use Only (OUO) or other low-sensitivity information.