Windows Security
  Home arrow Windows Security arrow Advanced Data Protection in Windows
ASP Free Forums 
.NET  
ASP  
ASP Code  
ASP.NET  
ASP.NET Code  
BrainDump  
C#  
Code Examples  
Database  
Database Code  
IIS  
Microsoft Access  
MS SQL Server  
Visual Basic.NET  
Windows Scripting  
Windows Security  
XML  
ASP Web Hosting  
ASP.NET Web Hosting 
Dedicated Servers 
Download TestComplete 
Windows Web Hosting
 
IBM® developerWorks 
Weekly Newsletter
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WINDOWS SECURITY

Advanced Data Protection in Windows
By: Nilpo
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: 4 stars4 stars4 stars4 stars4 stars / 3
    2007-12-04

    Table of Contents:
  • Advanced Data Protection in Windows
  • How EFS works
  • Implementing EFS
  • Enhancing EFS
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
    		 
     
     
    ADVERTISEMENT

    Free Web 2.0 Code Generator! Generate data entry and reporting .NET Web apps in minutes. Quickly create visually stunning, feature-rich apps that are easy to customize and ready to deploy. Download Now!

    Advanced Data Protection in Windows
    (Page 1 of 4 )

    In my last article I gave an introduction to basic data protection methods available in Windows. The methods I outlined provide a moderate level of protection that, due to their inherent shortcomings, may not be enough. For those who require a higher level of security, Windows provides two more methods of protecting your data.

    Both of the advanced methods I'll be describing utilize encryption. In layman's terms, encrypting a file scrambles its contents and rewrites it to the drive. It can only be unscrambled if the proper credentials are provided.

    The effectiveness of file encryption is dependent upon the algorithm being used and the strength of the encryption key that is provided. However, without the necessary encryption key, a file is effectively unreadable. Since this method of protection does not rely on the operating system, it provides a much more secure form of data protection.

    The method I'll be covering in this article is an NTFS feature known as Encrypted File System. This encryption method is built into the file system and is available to any operating system that supports NTFS. By default, this is Windows 2000 and newer.

    In Windows 2000 and Windows XP, EFS is only available in the Professional editions. This is because the home versions use a different NTFS driver that lacks support for EFS. Newer versions of Windows support EFS in all versions.

    Encrypted File System in Windows relies on your user information to create the encryption key. It creates a sort of password hash based on your account SID. This is important to remember, because if you change accounts you will no longer have access to your files. I'll describe how to back up your key later in this article in case something goes awry.

    In Windows, EFS must be enabled on a file-by-file basis. (Encrypting a folder actually applies EFS to each of the child files.) In its original design, you were only able to encrypt files under your own user directory. Now, however, you can encrypt any file based on your account credentials.

    Next: How EFS works >>
     

    More Windows Security Articles
    More By Nilpo


       · Continuing my series on data protection in Windows, we take a look at the Encrypted...
     
    >>> Post your comment now!

    WINDOWS SECURITY ARTICLES

    - Advanced Data Protection in Windows
    - Basic Data Protection in Windows
    - Windows XP Security
    - Lucky You, Microsoft has Sent You an Email! ...
    - Implementing a PKI, Part III: Managing Micro...
    - Windows 2000 Security
    - A Security Roadmap
    - Implementing a Public Key Infrastructure (PK...
    - Hardening Communications
    - Windows Host Security: Network Security Hacks
    - Hardening Wireless LAN Connections, Part 2
    - Hardening Wireless LAN Connections Part 1
    - Windows Reverse Engineering
    - Microsoft's Latest Security Updates -- The G...
    - Cross Site Scripting (XSS): An Overview
    Find More Windows Security Articles
     
    Accelerating Trading Partner Performance
     
    Competing on Analytics
     
    Cost Effective Scaling with Virtualization and Coyote Point Systems
     
    Five Checkpoints to Implementing IP Telephony
     
    Hosted Email Security: Staying Ahead of New Threats
     




    © 2003-2008 by Developer Shed. All rights reserved. DS Cluster 1 hosted by Hostway