Microsoft's Encrypted File System (EFS) enables people to encrypt individual files and/or folders on NTFS partitioned hard drives. We recommend the folder encryption option as being more straight forward to maintain and manage. EFS utilizes the Windows account login to unlock the files, so once a user has logged in, they have access to all of their encrypted files.
Some useful Microsoft pages on EFS are:
- Protecting Data by Using EFS to Encrypt Hard Drives
- Encrypting File System overview
- Windows XP Professional Resource Kit Using Encrypting File System
Instructions for Setting up Windows Encrypted File System are being worked on now. They do not include the steps for setting up a Data Recovery Agent which is crucial to Safe Computing in case a user forgets a password.
Future Thoughts:
- Vista's EFS enables the use keys stored on smart cards.
- BitLocker in Vista provides full volume encryption.