So What is Encrypting File System?
Encrypting File System, or EFS, is an encryption technology that Microsoft introduced with version 3.0 of its NTFS (New Technology File System). EFS is available in the business-oriented editions of Windows from Windows 2000 onward. It is off by default, but can be enabled on a per-file, per-folder, or per-drive basis. EFS uses a combination of public key cryptography and symmetric key cryptography. Public key cryptography uses two separate keys in its encryption process: one encrypts the contents of the file and the other decrypts it.
Neither key can unlock the data on its own; the two must be used in tandem. Symmetric key cryptography uses the same key to both lock and unlock the data and is considered a shared-secret form of encryption. One of the most significant drawbacks of EFS, or of any other encryption technology, is recovery from user error. Files encrypted with EFS can only be accessed from Windows-based systems and are protected by the user's system password; if a special tool or an outside system is used to reset that password, all of the encrypted data will be lost unless the specific RSA private key is available.
To use EFS on a supported version of Windows, first confirm that the storage drive is formatted with NTFS. If it is, select the file, folder, or drive to be encrypted and open its Properties. There you will find a check box that turns on EFS encryption. Editions that run on NTFS but do not support EFS directly, such as Windows 7 Starter, Home Basic, and Home Premium, still have access to many of EFS's maintenance functions: by running Cipher.exe from the command prompt, users can decrypt files, modify encrypted files, import EFS keys and certificates, and back up EFS keys and certificates.
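The same procedure from the command line, as an added PowerShell example that is not part of the original article: it confirms the volume is NTFS, encrypts a folder with Cipher.exe, verifies the Encrypted attribute on every file, lists who can decrypt, and backs up the EFS certificate and private key. The folder and backup paths are assumed values for illustration.

```powershell
# Added example (not from the original article): NTFS check, encrypt, verify,
# and back up the EFS key, since a lost key cannot be recovered like a password.
# $Folder and $BackupPath are assumed values for illustration.
param(
    [string]$Folder     = "$env:USERPROFILE\Documents\Private",
    [string]$BackupPath = "$env:USERPROFILE\efs-key-backup"   # cipher appends .PFX
)

$ErrorActionPreference = 'Stop'

# 1. EFS only works on NTFS; DriveInfo.DriveFormat reports the file system name.
$drive  = (Split-Path -Qualifier $Folder).TrimEnd(':')
$format = (New-Object System.IO.DriveInfo $drive).DriveFormat
if ($format -ne 'NTFS') {
    throw "Drive $drive is $format, not NTFS; EFS is not available here."
}

# 2. Encrypt the folder and everything already in it (/s recurses into subfolders).
#    The folder itself is marked so files added later are encrypted too.
if (-not (Test-Path $Folder)) { New-Item -ItemType Directory -Path $Folder | Out-Null }
cipher.exe /e /s:"$Folder" | Out-Null
if ($LASTEXITCODE -ne 0) { throw "cipher.exe /e failed with exit code $LASTEXITCODE" }

# 3. Verify: every file should carry the Encrypted attribute; report any that do not.
$plain = Get-ChildItem -Path $Folder -Recurse -File |
    Where-Object { ($_.Attributes -band [IO.FileAttributes]::Encrypted) -eq 0 }
if ($plain) {
    Write-Warning "Not encrypted:`n$($plain.FullName -join "`n")"
} else {
    Write-Host "All files under $Folder carry the Encrypted attribute."
}

# 4. Show which certificates (user and any recovery agent) can decrypt the files.
cipher.exe /c "$Folder"

# 5. Back up the current user's EFS certificate and private key to a PFX file.
#    cipher prompts for a password interactively; store the PFX off this machine.
cipher.exe /x "$BackupPath"
if ($LASTEXITCODE -ne 0) { throw "cipher.exe /x failed with exit code $LASTEXITCODE" }
Write-Host "Key backup written to $BackupPath.PFX"
```

Run it from an elevated or normal PowerShell session as the user who owns the files; step 5 is the part that prevents the "delayed recycle bin" outcome described below.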
A Word of Warning
While encryption, together with a strong password, is important for protecting valuable data, it is just as important to understand the significance and strength of the system you are employing. Once data is encrypted with EFS, it will never again be available to anyone without the proper key until it is decrypted. These encryption keys cannot be recovered the way a password can, so they must be backed up and protected more vigilantly.
Case in point: data loss due to a lost EFS encryption key or a missing backup became such a common occurrence among inexperienced users that the term “delayed recycle bin” was coined to describe the inevitable loss of the key or backup, and with it the encrypted data.