Securing Your Unsupported Operating System
If a device can use whole-disk encryption that meets the GRC Standards, then that must be used. If no such option is available, the device still must be encrypted and alternative whole-disk encryption may be used. An example of this situation is a new version of an Operating System that GRC-supported encryption software does not yet support. Once a supported and GRC Standard-compliant solution becomes available, it must be implemented to replace the non-standard encryption.
If a non-standard encryption is used, the following information must be provided to the IT helpdesk:
- Name of unit providing the encryption service
- Name of individual performing the encryption installation
- Name of individual that is the primary device user
- Name of the GRC unit the device user has primary affiliation with
- Ownership of the device (GRC-owned or personally owned)
- Date and time device had whole disk encryption installed and activated
- Make, model, serial number, GRC asset tag number (if applicable) of the device
- Operating System including version number
- The name, vendor and version of the encryption software used
- Statement indicating the following, “Device was encrypted with whole disk encryption”.