Skip to end of metadata
  • Created by Former user, last modified by Former user on Jun 09, 2023
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 19 Next »

Beware of this pitfall

A common misconception is that it is inherently secure to send data from your workstation to another system simply because your system has full disk encryption enabled. In truth, when a file is sent in this scenario the file is unencrypted prior to being sent. This means that the unencrpyted file is being transmitted and arrives unencrpyted at the recipients end. Even in the case that you use an encrypted channel such as https, this only ensures that the transmission of the file is encrypted. The end result is the same and the file that is received will be the unencrypted version of the file you sent. To ensure that the data you are sending arrives as an encrypted file, you must encrypt that file using file-level encryption prior to sending it.

We want your feedback

Please email securemyresearch@iu.edu to report errors/omissions and send critiques, suggestions for improvements, new use cases/recipes, or any other positive or negative feedback you might have.  It will be your contribution to the Cookbook and appreciated by all who use it.

See this video, Securing HIPAA Workflows on UITS Systems, for a HIPAA-centric example of how to secure your workflow that is broadly applicable to the principles mentioned on this page.

  • No labels