File encryption

All members of the university must act in accordance with the relevant laws and University Information Security Policies.


The (free) 7-Zip application offers robust encryption facilities (AES-256) and is available on all managed PCs throughout the University, via Software Center or the Company Portal if not already installed. Individual files (or groups of files) can be encrypted and the resultant files then shared via the Office 365 services with a high degree of assurance that there is little risk of inadvertent disclosure.

The main risk is the accidental disclosure of the password used to encrypt the data - 7-Zip is an example of encryption based on a "shared secret" which needs to be conveyed to the message's recipient before they can decrypt the files sent.

7-Zip lets you create encrypted copies of your files (they are referred to as archives) in either .zip or .7z format. We recommend that you encrypt in .7z format, but if this format causes any problems for those with whom you are sharing your files then encrypt them in .zip format.

It is essential that the password and encrypted files are sent separately by different mechanisms. For example encrypt a file and share using OneDrive then phone the recipient to give them the password verbally.

For guidance on using 7-zip, see:

MS Office file encryption

The file encryption in Office 2013 and 2010 works best with files saved in xml format (i.e. docx, .xlsx and .pptx files). (File encryption is also available in some earlier versions of Office, but we strongly recommend that you do not encrypt files in these earlier versions.)