.NET
ASP
ASP Code
ASP.NET
ASP.NET Code
BrainDump
C#
Code Examples
Database
Database Code
IIS
Microsoft Access
MS SQL Server
Silverlight
Visual Basic.NET
Windows Scripting
Windows Security
XML

Mobile Linux
App Generation ROI
IBM® developerWorks

ASP Web Hosting
ASP.NET Web Hosting
Windows Web Hosting

Weekly Newsletter
Developer Updates
Free Website Content

Articles

Forums

All Feeds

Write For Us Get Paid

Request Media Kit

Site Map

Privacy Policy
Support

USERNAME

PASSWORD

>>> SIGN UP!

Lost Password?

WINDOWS SECURITY

RSS

Advanced Data Protection in Windows

By: Nilpo	Search For More Articles! Disclaimer Author Terms
Rating: / 4
2007-12-04

Table of Contents:

Advanced Data Protection in Windows

How EFS works

Implementing EFS

Enhancing EFS

	ADD THIS ARTICLE TO:
	Del.ici.ous	Digg
	Blink	Simpy
	Google	Spurl
	Y! MyWeb	Furl

Email Me Similar Content When Posted

Add Developer Shed Article Feed To Your Site

Email Article To Friend

Print Version Of Article

PDF Version Of Article

Advanced Data Protection in Windows

(Page 1 of 4 )

In my last article I gave an introduction to basic data protection methods available in Windows. The methods I outlined provide a moderate level of protection that, due to their inherent shortcomings, may not be enough. For those who require a higher level of security, Windows provides two more methods of protecting your data.

Both of the advanced methods I'll be describing utilize encryption. In layman's terms, encrypting a file scrambles its contents and rewrites it to the drive. It can only be unscrambled if the proper credentials are provided.

The effectiveness of file encryption is dependent upon the algorithm being used and the strength of the encryption key that is provided. However, without the necessary encryption key, a file is effectively unreadable. Since this method of protection does not rely on the operating system, it provides a much more secure form of data protection.

The method I'll be covering in this article is an NTFS feature known as Encrypted File System. This encryption method is built into the file system and is available to any operating system that supports NTFS. By default, this is Windows 2000 and newer.

In Windows 2000 and Windows XP, EFS is only available in the Professional editions. This is because the home versions use a different NTFS driver that lacks support for EFS. Newer versions of Windows support EFS in all versions.

Encrypted File System in Windows relies on your user information to create the encryption key. It creates a sort of password hash based on your account SID. This is important to remember, because if you change accounts you will no longer have access to your files. I'll describe how to back up your key later in this article in case something goes awry.

In Windows, EFS must be enabled on a file-by-file basis. (Encrypting a folder actually applies EFS to each of the child files.) In its original design, you were only able to encrypt files under your own user directory. Now, however, you can encrypt any file based on your account credentials.

Next: How EFS works >>

More Windows Security Articles
More By Nilpo

Comments On: Advanced Data Protection in Windows
· Continuing my series on data protection in Windows, we take a look at the Encrypted...

>>> Post your comment now!

WINDOWS SECURITY ARTICLES

- Encrypting Flash Drives with TrueCrypt
- Introduction to Encryption
- Top Add-Ins for Windows Home Server
- Using Windows XP and Linux Ubuntu Dual Boot ...
- Windows 8
- Which Version of Windows 7 Should You Use?
- Choosing the Best Windows XP Firewall
- Finding the Correct Drivers for Windows XP D...
- Windows Network Troubleshooting: Tips and Te...
- Windows XP Home Network Setup: Essential Ste...
- Using Windows Recovery Console to Fix Blue S...
- Fix Blue Screen of Death in Windows XP: Corr...
- Storing Data with Windows Skydrive
- Windows System Administrator`s Toolbox
- Solving Windows Genuine Advantage Problems
Find More Windows Security Articles