[WEBINAR] Better to Ask Permission? Best Practices for Privacy and Security

Encrypting File System (EFS)

Definition - What does Encrypting File System (EFS) mean?

An Encrypting File System (EFS) is a functionality of the New Technology File System (NTFS) found on various versions of Microsoft Windows. EFS facilitates the transparent encryption and decryption of files by making use of complex, standard cryptographic algorithms.

The cryptographic algorithms are used in EFS to provide useful security countermeasures, whereby only the intended recipient can decipher the cryptography. EFS uses symmetric and asymmetric keys during the encryption process, but it does not protect data transmissions. Rather, it protects data files within systems. Even if someone has access to a certain computer, whether authorized or not, he still cannot unlock the EFS cryptography without the secret key.

Techopedia explains Encrypting File System (EFS)

EFS is actually a transparent public key encryption technology that operates with NTFS permissions to allow or deny user access to files and folders in various Windows operating systems (OS), including NT (excluding NT4), 2000 and XP (excluding XP Home Edition).

Key EFS features are as follows:

  • The encryption process is easy. Select the check-box in the file or folder's properties to turn on the encryption.
  • EFS offers control over who can read the files.
  • Files selected for encryption are encrypted once they are closed but are automatically ready to use once opened.
  • The file's encryption feature may be removed by clearing the check-box in the file properties.

Although used by many organizations, EFS must be handled with caution and knowledge, to avoid encrypting content that should be transparent, rather than secure. This is compounded by the fact that it may be difficult to decrypt data content that was not meant to be encrypted in the first place.

EFS developers remind users that once a folder is marked encrypted, all files contained in that folder are encrypted as well, including future files transported to that particular folder. However, a custom setting for encrypting “this file only” is available.

Encryption passwords are identity specific, so it is important for employees to avoid sharing passwords and equally important that users remember their passwords.

Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.