Welcome to the Indiana University Global Symantec Encryption Management Service (PGP) Page

The Symantec Encryption Management Service (PGP) is one of many security service components offered by UITS Leveraged Services. The mission of the PGP service is to provide a platform for those who work with sensitive data and to secure your computer in the event it is lost or stolen, which prevents the data from being accessed by an unauthorized third party. In some cases, an encrypted device (hard drive) alleviates the need for a breach notification to the public.

Using the PGP desktop application together with the University Global Symantec Encryption Management Service lets you use Whole Disk Encryption (WDE) to encrypt an entire hard drive, and create PGP Virtual Disks that provide secure locations on your PC or Mac for storing sensitive data that may have been discovered by the Global Identity Finder Services. In addition to whole disk encryption, you can create PGP Virtual Disks on your device where data can be encrypted, use PGP Zip to send encrypted files through e-mail, use PGP Shredder, and have your PGP/GPG keys managed centrally in case you forget your passphrase or lose access to data.

Why use PGP rather than BitLocker?

This is a choice the Windows user or IT professional implementing the client and/or services will have to make. For those not using Windows devices, PGP is highly recommended. PGP and BitLocker each have their strengths and advantages; however, as a University, the PGP technologies were chosen due to various capabilities not found in other products and technologies.

For example:
  • The PGP WDE functionality encrypts the entire hard disk of your computer, requiring a password before the operating system can boot.
    • This layer of security prevents a third party from being able to read the contents of the disk when using methods to bypass booting the disk (e.g., booting from a Linux Live CD or Windows PE CD).
  • Some hardware does not have a built-in TPM (Trusted Platform Module), a hardware device that is required to use BitLocker.
  • Unlike BitLocker, PGP does require a passphrase when starting up a device. If the device was in hibernation, you will not be prompted for the PGP passphrase.
  • BitLocker is easier to implement; however, there is no University service to manage devices or to secure Mac and Unix devices.
  • Losing access to BitLocker-protected devices requires that the end user have access to the BitLocker Recovery Key.
  • IT professionals, in addition to an end user, can access a single PGP-protected device without a BitLocker encryption key. More than one user can access a drive on a single device.

The Symantec Encryption Management Service (PGP) offers several auditing benefits, such as:
  • Proof that Data Recovery has been completed via the central services console
  • Management awareness of highly sensitive data
  • Central Auditing

The Symantec Encryption Management Service (PGP) Console keeps an accurate inventory of all devices and users who are using encryption as part of the University's sensitive data compliance requirements.
