EFS (Encrypting File System)


EFS (Encrypting File System) is part of the NTFS File system featured on Windows XP Pro, Windows 2000, and Windows Server 2003 and is Window’s built-in file encryption method. EFS allows the transparent decryption and encryption of files using cryptographic algorithms by only allowing programs or users to decrypt data if they have the right key. Unlike early forms of cryptography such as ciphers, even if the device that holds the data is in possession of an unauthorized user, they cannot access its files unless the key is provided. This also prevents against authorized users on a computer from gaining access to the encrypted files if the key is not provided. EMS occurs at the file-system level and uses a symmetric key, which is a key that is encrypted with a public key/public key pair. This key pair is set to a user’s identity.
However, not fully understanding how EMS and using it can cause significant problems. Failure to properly encrypt data, using weak passwords, or making passwords available to others can be quite problematic. Furthermore, if a private key is misplaced or damaged, the files cannot be decrypted by even the original user that encrypted the files. The key can be recovered if the key has been archived, but if this didn’t happen, the file might be as good as dead. In my personal experience, I have found EFS to be very reliable and secure. Its operation is relatively simple and can secure even prone-to-theft laptops from having their sensitive data accessed. I love the fact that you do not require Full Control permissions or ownership to encrypt files, rather only Read and Write.
Additionally, I have used EMS Recovery a few times before to recover files from encrypted drives by using the volume Recovery Key. Contrary to what I had previously thought, this was really easy to do since it automatically scanned the BitLocker volumes to locate any recoverable items; it also does this while finding and fixing errors. Overall, EFS can be a great tool in the hands of an experienced user, yet risky for an amateur.
Bragg, Roberta. (n.d.) The Encrypting File System. Retrieved from https://technet.microsoft.com/en-us/library/cc700811.aspx.


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s