Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
An Encrypting File System (EFS) is a functionality of the New Technology File System (NTFS) found on various versions of Microsoft Windows. EFS facilitates the transparent encryption and decryption of files by making use of complex, standard cryptographic algorithms.
The cryptographic algorithms are used in EFS to provide useful security countermeasures, whereby only the intended recipient can decipher the cryptography. EFS uses symmetric and asymmetric keys during the encryption process, but it does not protect data transmissions. Rather, it protects data files within systems. Even if someone has access to a certain computer, whether authorized or not, he still cannot unlock the EFS cryptography without the secret key.
EFS is actually a transparent public key encryption technology that operates with NTFS permissions to allow or deny user access to files and folders in various Windows operating systems (OS), including NT (excluding NT4), 2000 and XP (excluding XP Home Edition).
Key EFS features are as follows:
Although used by many organizations, EFS must be handled with caution and knowledge, to avoid encrypting content that should be transparent, rather than secure. This is compounded by the fact that it may be difficult to decrypt data content that was not meant to be encrypted in the first place.
EFS developers remind users that once a folder is marked encrypted, all files contained in that folder are encrypted as well, including future files transported to that particular folder. However, a custom setting for encrypting “this file only” is available.
Encryption passwords are identity specific, so it is important for employees to avoid sharing passwords and equally important that users remember their passwords.