EFS - Encrypting File System. Encrypted Files and Folders
(NTFS ver. 3.0 and newer)
A user can invoke EFS features through Windows Explorer or with the command-line utility cipher.exe.
To encrypt a file with Windows Explorer, right-click the file name and open the file's Properties window. Click the Advanced... button to open the Advanced Attributes dialog, where you can mark the file as encrypted.
Before saving the new settings, Windows prompts the user to encrypt either the file only or the whole folder. This addresses a very important issue: while the file itself may be perfectly protected, the application that opens it may create temporary copies of the file while working with the document.
Microsoft Word is an example. When a user opens an encrypted document, EFS decrypts it transparently for Word.
While the user works, Word creates a temporary hidden file in which it automatically saves the document being edited, and deletes that file on exit.
This hidden file is a real security breach because it contains user data in plain (unencrypted) form. Encrypting the whole folder instead of only the file solves this problem.
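The following PowerShell audit is an added example, not part of the original page: it lists EFS-encrypted files whose parent folder is not itself marked encrypted, which is the situation in which an application's temporary copies would be written in plain form. The function name Find-ExposedEfsFile and the default scan root are assumptions chosen for illustration.

```powershell
# Added example: find encrypted files that sit in unencrypted folders.
# Find-ExposedEfsFile is a hypothetical helper name; the scan root is an assumption.
param(
    [string]$Root = (Join-Path $env:USERPROFILE 'Documents')
)

function Find-ExposedEfsFile {
    param(
        [Parameter(Mandatory)][string]$Path
    )
    $encrypted = [System.IO.FileAttributes]::Encrypted

    # -Force includes hidden files, since temporary working copies are often hidden.
    Get-ChildItem -LiteralPath $Path -File -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Attributes.HasFlag($encrypted) } |
        ForEach-Object {
            $folder = $_.Directory
            # The file is protected, but new files created beside it would not be.
            if (-not $folder.Attributes.HasFlag($encrypted)) {
                [pscustomobject]@{
                    File   = $_.FullName
                    Folder = $folder.FullName
                }
            }
        }
}

$exposed = @(Find-ExposedEfsFile -Path $Root)

if ($exposed.Count -eq 0) {
    Write-Output "No encrypted files in unencrypted folders under $Root"
}
else {
    $exposed | Sort-Object Folder, File | Format-Table -AutoSize

    # Print (do not run) the cipher.exe command that marks each folder as
    # encrypted, so files added to it afterwards are encrypted as well.
    $exposed.Folder | Sort-Object -Unique | ForEach-Object {
        Write-Output ('cipher.exe /e "{0}"' -f $_)
    }
}
```

The script only reports; review the printed cipher.exe commands before running any of them.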