File Encryption

What is file encryption?

File Encryption means providing security for files that reside on media, in a stored state, such as a hard drives, USB drive, SD Card, or any other type of digital storage medium. Encrypted files are usually stored locally and are encrypted and temporarily decrypted while being used and than encrypted again after the user is finished using them.

File encryption should be used when full system or full disk encryption is not utilized.

Why should I encrypt my files?

Data Confidentiality: Encrypting stored files prevents unauthorized users from reading, copying, or deleting encrypted files.   

File encryption can help protect files and information that are stored at-rest on your system. Identity thieves can use information obtained from unencrypted files to commit fraud or steal information from your system, so it is important to protect your data. It ensures that if your computer or device is stolen, data stored in an encrypted format will be unavailable to unauthorized users.

What file encryption software does the University of Regina recommend?

VeraCrypt is encryption software which makes digital files unreadable except to people who have the passwords to open them. Faculty and Staff using devices that contain sensitive information, personally identifiable information, financial or research information, etc., should install VeraCrypt to protect their files while stored.

VeraCrypt uses the terms VeraCrypt file, VeraCrypt container, and VeraCrypt volume to describe the file used to store encrypted data. However, VeraCrypt container is used for the purpose of this article.

VeraCrypt Containers are a virtual disk encryption mechanism, wherein the process of encrypting a file called a container, which can hold many files and folders, and permitting access to the data within the container only after proper authentication is provided. Once authenticated, the virtual disk is mounted and accessible.

A VeraCrypt Container:

  • Can be moved, copied, duplicated, backed up, or deleted just like any file or folder. However, a VeraCrypt or its copies can not be opened without the password.
  • Can only be opened with VeraCrypt and the password you set.
  • When opened, can have files copied or saved into it, files modified in it, and files copied or deleted from it.
  • Looks like another hard drive on your computer when opened. The files in it become encrypted when the virtual drive (i.e., container) is dismounted, or you quit the VeraCrypt program.  
  • Is available for Windows, Mac OSX, and Linux. This allows users to encrypt on one system, and open on another system type, provided the password is known.
  • Can encrypt files stored on portable media, such as a USB drive, even if the media its self is unencrypted.
  • Can be used as a portable application, so that software installation rights are not required to access encrypted volumes.

Very important: Do not delete the VeraCrypt container or lose your password. If you do the files you have placed in the container can never be opened again. 

Additionally, note that tools other than VeraCrypt are recommended for full disk or full system encryption. VeraCrypt is only currently recommended for file/container encryption.

What is the cost for file encryption?

VeraCrypt is open-source and free of cost.

Note: however, VeraCrypt is not officially supported as per Policy OPS-080-015 Supported Hardware, Software, and Mobile Devices.

Where can I download the VeraCrypt software?

The most up to date version for your computer can be found at: https://www.veracrypt.fr/en/Downloads.html

Instructions on how to create a VeraCrypt container, as recommended, are found at: https://www.veracrypt.fr/en/Beginner%27s%20Tutorial.html

Full documentation for VeraCrypt can be found at: https://www.veracrypt.fr/en/Documentation.html