Article

Windows .NET Server to the rescue

Roberta Bragg


Security Expert
Roberta Bragg
Until now, my recommendations for preventing data loss from Encrypting File System have been to disable EFS (it is enabled by default), then enable it for those few who really need the service and ensure that their keys are archived. Alternatively, I've helped organizations set up a public key infrastructure using Windows 2000 Certificate Services. This infrastructure does not provide any key-archival services, but it does allow a more organized approach to EFS management and allows the setup of multiple data recovery agents.

Neither method provides an easy approach for large numbers of users, and both involve lots of management issues.

The release of Windows .NET Server offers a much better solution. With Windows .NET Server, Certificate Services provides the ability to do key archival. This means that a properly configured system will automatically archive the EFS encryption keys

Requires Free Membership to View

of each user. Should a user's drive be reformatted, or his keys otherwise destroyed, the keys themselves can be recovered. No data loss, no reliance on a data recovery agent, no inadvertent exposure of data to other individuals. --Roberta Bragg

>> To find out more about avoiding data loss from EFS -- now and with soon-to-be-available security features in Windows .NET Server -- tune in to Roberta's live expert webcast, "Protecting sensitive data with Windows .NET Server.".

>> Ask Roberta an EFS question.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: