Securing Local Data


Encryption of stored files in Windows 2000 is accomplished through the use of the Encrypting File System (EFS). Using public-key encryption, EFS allows files and directories stored on NTFS partitions to be encrypted and decrypted transparently. EFS uses the user's own EFS public and private keys, so a file is encrypted only to the user who encrypted it. Therefore, files encrypted with EFS can't be shared with (that is, encrypted to) other users. Another encryption method, such as S/MIME, must be used to securely share files with other users. In addition, if files encrypted with EFS are saved to another machine, the user's key information must be imported to that machine before the files can be decrypted there.

Files are also automatically encrypted to a third party, called a recovery agent. In the event of key loss, the recovery agent can decrypt the files. EFS encrypts the bulk of the file with a single symmetric key. That symmetric key is then encrypted twice: once with the user's EFS public key, so the user can decrypt the file, and once with the recovery agent's public key, so the data can be recovered. See the section "Public-Key Cryptography vs. Symmetric-Key Cryptography" in Chapter 17 for more information on data encryption.
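The two-recipient layout just described, as an added illustration that is not code from the book or from Windows: a hypothetical Go model in which the file key (FEK) is wrapped once to the user's public key and once to the recovery agent's, so either key opens the file and no other key does. The structure, names, and algorithm choices (AES-256-GCM, RSA-OAEP) are this example's assumptions, not EFS's actual on-disk format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// Hypothetical model of the layout the text describes (not EFS's real format): bulk data under one FEK, the FEK wrapped once per key holder.
type EncryptedFile struct {
	Nonce, Ciphertext []byte
	WrappedKeys       map[string][]byte // holder name -> FEK encrypted to that holder's public key
}

// Encrypt seals plain with a fresh FEK and wraps the FEK to each recipient (user and recovery agent).
func Encrypt(plain []byte, recipients map[string]*rsa.PublicKey) (*EncryptedFile, error) {
	buf := make([]byte, 32+12) // AES-256 FEK and GCM nonce from one random draw
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	fek, nonce := buf[:32], buf[32:]
	ef := &EncryptedFile{Nonce: nonce, Ciphertext: aead(fek).Seal(nil, nonce, plain, nil), WrappedKeys: map[string][]byte{}}
	for name, pub := range recipients {
		wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fek, nil)
		if err != nil {
			return nil, err
		}
		ef.WrappedKeys[name] = wrapped
	}
	return ef, nil
}

// Decrypt unwraps the FEK with one holder's private key and opens the data; only the user
// and the recovery agent hold a wrapped copy, so only their keys succeed.
func Decrypt(ef *EncryptedFile, holder string, priv *rsa.PrivateKey) ([]byte, error) {
	// An unknown holder yields a nil blob and a wrong key a bad padding; OAEP rejects both.
	fek, err := rsa.DecryptOAEP(sha256.New(), nil, priv, ef.WrappedKeys[holder], nil)
	if err != nil {
		return nil, err
	}
	return aead(fek).Open(nil, ef.Nonce, ef.Ciphertext, nil)
}

// aead builds AES-256-GCM around the FEK; the constructors only fail on a bad key length,
// which cannot happen for the 32-byte FEK, so their errors are dropped.
func aead(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}
```

The recovery case in the text is the second `Decrypt` path: when the user's private key is gone, the agent's key still unwraps the same FEK.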

Encrypting Files and Folders

Encrypting files with EFS is as easy as setting any other file attribute, such as Hidden or Read-Only. To encrypt a file in Windows Explorer, follow these steps:

  1. Right-click the file and choose Properties.
  2. On the General tab, click Advanced.
  3. Select the Encrypt Contents To Secure Data check box and then click OK twice.
  4. In the dialog box that appears, decide whether you want to encrypt the parent folder. If you do encrypt this folder, files subsequently added to this folder and its subfolders will be encrypted.

NOTE
Remember that system files, compressed files, and files on partitions other than NTFS can't be encrypted using EFS. Further, a drive's root folder cannot be encrypted using EFS.

Like normal files, encrypted files can be moved and copied via the Edit menu commands Cut, Copy, and Paste. Files moved or copied using drag-and-drop will not necessarily retain their encryption. You can also rename encrypted files as you would any other file.

CAUTION
Encrypted files and directories are not immune from deletion. Any user with appropriate rights can delete an encrypted file.

To encrypt a folder, right-click the folder and choose Properties. On the General tab of the folder's Properties window, click Advanced and select Encrypt Contents To Secure Data. Click OK twice and you'll be asked if you want all files and subfolders in the target folder to be encrypted as well. It's important to mention that the folder itself is not encrypted, merely the files within the folder. The folder is simply marked as having encrypted files within it.

TIP
To ensure the security of temporary files that have been created by applications, mark your system's Temp folder for encryption.

Decrypting Files and Folders

EFS allows a user to reverse the encryption process. However, describing this as a mere decryption operation is a bit misleading. Indeed, removing data encryption from a file does cause the file to be decrypted, but any encrypted file is also decrypted every time a user or application accesses it. What we're talking about is permanent decryption so that files can be easily shared with other users.

To indicate that a file should no longer be encrypted or that a folder should no longer encrypt its files, follow these steps:

  1. Right-click the file or folder in Windows Explorer and choose Properties.
  2. Select the General tab and click Advanced.
  3. Clear the Encrypt Contents To Secure Data check box.

MORE INFO
For details on cryptography, including symmetric-key and public-key methods, visit the security page of the Microsoft Web site at http://www.microsoft.com/security.

Recovering Files

Naturally, when you encrypt files to protect them from prying eyes, you run the risk of protecting them from yourself and ultimately losing the data. EFS requires the user's private key (associated with the user's EFS public-key certificate) to decrypt a file. As long as this key is available, EFS-protected files can be accessed. In the event of key loss, a secondary means of retrieving the data is necessary. Consider, too, that a key may be lost due to the voluntary or involuntary departure of a user; for example, a user who encrypts company files may leave the company.

The ability to recover files starts when an individual user backs up his or her EFS public-key certificate and associated private key. To back up this information, the user must export the certificate and key through the Certificates snap-in in the MMC. (See the section "Exporting Certificates and Private Keys," earlier in this chapter.) If the private key is ever lost, the user can import the saved EFS private key and certificate and salvage the data.

NOTE
Exported keys and certificates are stored in a standard PKCS #12 (also known as Personal Information Exchange or PFX) format. This format is understood by a number of security-enhanced applications, allowing exchange of keys between independent computers or applications.

If a user is unable to decrypt lost data, an administrator can salvage the data by using a recovery agent certificate. In addition to obtaining a recovery agent certificate (see the section "Requesting Certificates," earlier in this chapter), the administrator will need to add that certificate to a recovery policy in Active Directory by using the Add Recovery Agent Wizard from the Group Policy snap-in.

REAL WORLD Protecting Recovery Agent Certificates
Recovery agent certificates should be squirreled away in a secured storage facility to prevent possible data compromise. Upon receiving the recovery agent certificate, the recovery agent should export it to a diskette or other device that can be protected and delete it from the machine. When data needs to be recovered, the certificate and associated private key can be imported. Once the data has been recovered, the certificate should again be deleted. For information on exporting certificates, see the section "Exporting Certificates and Private Keys," earlier in this chapter.



Microsoft Windows 2000 Server Administrator's Companion, Vol. 1
ISBN: 1572318198
Year: 2000
Pages: 366
