Encrypting File System (EFS), which is available in both Windows 2000 an XP (Professional), lets users secure data on a hard drive using public-key encryption. Even if an attacker gains access to data on a hard drive, files on the drive that have been encrypted are useless without the decryption key.
This feature will have significant benefits for laptop users and organizations with the need to further secure highly sensitive data. Files can be encrypted individually or a folder can be designated as encrypted so that any file written to that folder would be automatically encrypted.
A user does not have to be an expert in File encryption to use this facility, so some users might try working with EFS to hide illicit material. So you might want to get EFS away from your users.
Since EFS works only in NTFS partitions, one option is to use only FAT partitions on workstations that maybe prone to improper use. The main disadvantage with FAT is that security to files and folders is reduced but then if you want to prevent these users from applying too much security to files and folders, the best option might be to use FAT.
If, however, you wish to use NTFS, then another option would be to disable EFS. The following procedure shows how this can be done:
- Run Regedit
- Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS sub key.
- Go to edit, then select New.
- DWORD Value.
- Enter a name of EfsConfiguration and press Enter.
- Double-click the new value then set it to 1 (this disables EFS) Click OK.
- Close the registry editor.
- Reboot the machine
Adesh Rampat has 10 years experience with network and IT administration. He is a member of the
Association Of Internet Professionals, the Institute For Network Professionals, and the
International Webmasters Association. He has also lectured extensively on a variety of
This was first published in July 2003