Is EFS secure?

I have seen many official statements about EFS being so insecure and we should not use it blah blah…and that is so surprising for me something from professional sources hearing a unprofessional statement, or better say, inaccurate assumption about one of the simplest and effective ways towards cryptographic practices! 

Assuming you know what Encrypting File System (EFS) is generally, the problem is relying on the way we use it, not necessarily EFS native problems. Sometimes even those native issues are arising sue to our way of using things which I have experience a lot regarding EFS. 

An uneducated, think-s/he-knows-EFS tries to configure it and then boom! Of course, we end up with wrong assumption of EFS is insecure. I assure you can utilize EFS at the right time and right lace more effective than many other cryptographic solutions! That is a strong opinion, but I recommend Not using it Only if you do know about it! 

If you know how to utilize EFS you would probably laugh why I am even bothering and killing myself to make sure folks understand the beauty and usefulness of this light-weighted encryption beast! Yes, because it bothers me how then we skip this super useful technology where it supposed to be so effective and we go for other solutions which might not be the right choice because of the type of dealing with encryption or price. 

as a matter of fact, BitLocker has the same problem in opposite direction: folks think that is breakable, and more than that, I have seen hundreds of them use it in wrong place, which again, that is not the problem with BitLocker if we use it in a way which makes it ineffective. 

Anyways, give EFS to a knowledgeable IT staff (an encryption guru is not needed) and s/he knows where and when utilize it cheaper, and more effective than any other encryption solution out there. I explain in one of my workshops how to turns EFS to a compliance saver! And how to turn BitLocker to a compliance disaster!

Kaveh Mofidi

By Kaveh Mofidi

I find simple solutions for complex problems. While I enjoy working with information security and computers, our challenges extend far beyond securing data. The real task is to discover solutions for unlimited clean energy, drinkable water, and addressing the root causes of hunger, war, and injustice. Our primary goal should be to keep our planet livable; that is the true challenge we face on Earth!