Is EFS secure?

I have seen many official statements about EFS being so insecure and we should not use it blah blah…and that is so surprising for me something from professional sources hearing a unprofessional statement, or better say, inaccurate assumption about one of the simplest and effective ways towards cryptographic practices! 

Assuming you know what Encrypting File System (EFS) is generally, the problem is relying on the way we use it, not necessarily EFS native problems. Sometimes even those native issues are arising sue to our way of using things which I have experience a lot regarding EFS. 

An uneducated, think-s/he-knows-EFS tries to configure it and then boom! Of course, we end up with wrong assumption of EFS is insecure. I assure you can utilize EFS at the right time and right lace more effective than many other cryptographic solutions! That is a strong opinion, but I recommend Not using it Only if you do know about it! 

If you know how to utilize EFS you would probably laugh why I am even bothering and killing myself to make sure folks understand the beauty and usefulness of this light-weighted encryption beast! Yes, because it bothers me how then we skip this super useful technology where it supposed to be so effective and we go for other solutions which might not be the right choice because of the type of dealing with encryption or price. 

as a matter of fact, BitLocker has the same problem in opposite direction: folks think that is breakable, and more than that, I have seen hundreds of them use it in wrong place, which again, that is not the problem with BitLocker if we use it in a way which makes it ineffective. 

Anyways, give EFS to a knowledgeable IT staff (an encryption guru is not needed) and s/he knows where and when utilize it cheaper, and more effective than any other encryption solution out there. I explain in one of my workshops how to turns EFS to a compliance saver! And how to turn BitLocker to a compliance disaster!

Published by Kaveh Mofidi

He finds simple solutions for huge and complicated issues! He believes information security and computers are fun to deal with, but the real deal is to find solution for unlimited clean energy, drinkable water, mitigate root cause of hunger, war, and injustice...We need to keep our planet livable, that is our real problem on the Earth!

Leave a comment