How To Use Windows Encrypting File System - Page 1 of 2

By TOM BOWSER


Versions of Windows That Support EFS

My discussion of the Windows encrypting file system will focus on Windows operating systems released after Windows XP. If you are using an older version of Windows prior to Windows Vista you need to upgrade to a more modern, recently released version of Windows. Microsoft no longer supports versions of Windows Prior to Windows Vista. Versions of Windows prior to Windows Vista can no longer be considered secure.

The following Windows operating systems support EFS and are relevant to this tutorial:
  • Windows Vista Ultimate, Business and Enterprise editions
  • Windows 7 Ultimate, Professional and Enterprise editions
  • Windows 8 and 8.1 Pro and Enterprise editions

This tutorial is intended for SOHO (small office, home office) and home computer users not joined to a "Windows Domain". If you work for a company that has a separate IT department be sure to contact them before using EFS or any other type of encryption.

When using EFS the process of encryption and decryption is generally transparent to the user. You should not notice the encryption and decryption process unless you encrypt a large file or folder that contains many files.

An example scenario using EFS: You typed a letter disputing a charge made to your charge card. The letter contains important account information. To protect the information contained in the letter you saved it into a folder in which you've enabled EFS encryption. The letter will be automatically encrypted with no action required by you. When you need to edit the letter you open it with your word processing program. The typed letter/document is automatically decrypted and ready to edit with no action required by you to decrypt it. Unless a document or file is large you will not notice the encryption, decryption process.

In the preceding scenario, other (non EFS) encryption applications may require you to enter a password to decrypt the letter in order to edit it. You may then need to enter your password in a separate operation to encrypt the letter after you finish editing it. Of course it would be possible to forget to encrypt the document after you finish editing it. The confidentiality of your letter would not be protected. If you use EFS your files are automatically encrypted and decrypted.

How To Use Encrypting File System (EFS)

Although you can encrypt single files with EFS, I recommend you create a folder (or folders) then encrypt the folder with EFS. You can then copy, drag and drop or write files into the folder (or sub folders) and they will be automatically encrypted. Why? Microsoft Word and other applications create temporary files. If the temporary file is not encrypted the contents of the original file may be able to be determined from the temporary file. The security of the original file could become compromised.

To encrypt a folder with EFS:
  • Right click on the folder
  • Select the word "Properties" at the bottom of the menu that appears.
  • Left click on the "Advanced" button on the file "Properties" dialogue. (image below)

encrypting file system properties

  • Left click in the box next to "Encrypt contents to secure data".
  • Left click the "OK" button (see image below).

encrypting file system advanced attributes


Page 1 | 2 | Next