Home > Articles > Operating Systems, Server > Microsoft Servers

Using Encrypted File System in Production

  • Print
  • + Share This
Windows 2000 expert Bill Boswell continues his discussion of Encrypted File System, specifically how to use EFS in Production.

Windows 2000 expert Bill Boswell continues his discussion of Encrypted File System.

In this article, we'll talk about using EFS in production.

I've listed a typical set of steps that you would take to deploy EFS in your organization. Under normal circumstances, you would not want users saving files at their local desktops, so this discussion focuses on laptops.

Join the Laptop to a Domain

When a Windows 2000 computer is joined to a domain, it downloads any Group Policies linked to the domain and to OUs that contain the computer object in Active Directory.

By joining the laptop to a domain, you ensure that a single set of data recovery agents (specified in Encrypted Data Recovery Agent policies linked to the domain and OUs) can recover encrypted files in your domain. Without this policy, each laptop would have its own DRA, the local Admin account. Files encrypted on laptops that use a local DRA should not be considered secure.

  • + Share This
  • 🔖 Save To Your Account

Related Resources

There are currently no related titles. Please check back later.