To be more specific, inadequately designed EFS controls can result in files being encrypted on the file system that, based on a failure scenario, can prevent the decryption of files even though you may have physical access to them.ĮFS is a user-based encryption control. The consequences of improperly rolling out EFS can be serious: You can lose access to your data. EFS is easy for individuals to set up and use autonomously, but the proper deployment of EFS in large environments requires careful planning around certificate and recovery agent management, backup and restoration, and access model implementation. This is not entirely without justification. I have very rarely seen it used in enterprise or even medium-sized environments, and when I have, it has been in isolated instances where individuals or teams took it upon themselves to implement EFS-based security controls. Microsoft's Encrypting File System technology is one of the strongest yet most underutilized security features that I have seen in my many years of working with Microsoft infrastructures and enterprise deployments. Timothy “Thor” Mullen, in Thor's Microsoft Security Bible, 2011 Introduction Internet Information Server (IIS) Authentication and Authorization Models, and Locking Down File Access with EFS and WebDAV
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |