Administrative Issues with EFS

When you back up encrypted files, all files will continue to be encrypted. When restoring the backed up encrypted data, the data will remain encrypted after the restore operation.

One of the key problems with recovery of encrypted data is when a person leaves the company or when the data is requested by law enforcement. This data recovery requires decrypting a file without having the user's private key. To recover an encrypted file, the recovery agent will need to take the following steps:

1. Back up the encrypted files.

2. Move the backed up files to a secure system.

3. Import the files recovery certificate and private key to the secure system.

4. Restore the backup files.

5. Decrypt the files with Windows Explorer or the cipher command.

An administrator can use the Group Policy snap-in to define a data recovery policy for individual computers, domains, or organizational units (OUs). The CAcan issue recovery certificates using the MMC Certificates snap-in. In a domain, Windows Server 2003 implements a default recovery policy for the domain when the first domain controller is set up. The domain administrator is designated as the recovery agent. To change the recovery policy for the local computer:

1. Click Start, and then click Run.

2. Type mmc, and then click OK to start the Microsoft Management Console (MMC).

3. On the Console menu, click Add/Remove Snap-ins, and then click Add.

4. Add the Group Policy Object Editor.

5. Under Group Policy Object, make sure that "Local Computer" is displayed and click Finish. Click Close, and then click OK.

6. In Local Computer Policy (Local Computer Policy\Computer Configuration\ Windows Settings\Security Settings\Public Key Policies), right-click Encrypting File System, and then do one of the following:

4fi Consolel - [Console Root\Local Computer Policy\Computer ConfigurationSWindows Settings\Security Set...

"¡Jib £ile Action View Favorites Window Help - Ifi11 x|

1 a 1 i

Console Root

Object Type

Local Computer Policy &Computer Configuration El-"CU Software Settings Fl-Kl Windows Settings

Scripts [Startup^Shutdown] El gJ Security Settings Fl-l 'Q Account Policies [+1--TQ Local Policies

LJI Encrypting File System Ë^Autoenrollment Settings

^^Rw^^HËKcSl Public Kev Policies^^^^^^^^^^^^HI

1j Encrypting File System

Fl Pi Software Restriction Policies S'"â Security Policies on Local Computer SvLJ Administrative Templates El ¿JP User Configuration

Computer Hard Drive Data Recovery

Computer Hard Drive Data Recovery

Learn How To Recover Your Hard Drive Data After A Computer Failure.

Get My Free Ebook


Post a comment