|
|
Encrypted FilesAnother technique that can be used to protect and preserve the integrity of the data locally on your workstation is file encryption. The file encryption feature encrypts your data when it is written to the disk. This data encryption process happens on-the-fly when data is saved and goes unnoticed by the users. File encryption was introduced with NT File System for Windows NT (NTFS). Compared with FAT and FAT32, NTFS has a strong focus on security because an encryption file system (EFS) was one of the added security features. File encryption is linked to individual user accounts. Files encrypted by a user are accessible only from that user's account. Other users (apart from the administrator) have no access to these files because they are encrypted with individual keys. Special caution needs to be used for data recovery because related certificates with public and private keys need to be restored as well. Figure 3-8 illustrates how to enable this feature for Windows 2000. Figure 3-8. Enable NTFS File Encryption As you can see in Figure 3-8, to encrypt a file or a complete directory, you right-click on the icon. Select Properties from the options and click Advanced. This opens the Advanced Properties window. Select Encrypt contents to secure data. NOTE In the context of file encryption, it is worth mentioning file protection. File protection using passwords is an easy-to-implement security defense. It can be implemented in a number of ways, such as requiring passwords to open files to prevent unauthorized users from accessing the data or requiring passwords just to modify a file. This allows everyone to open the file, but only authorized users are permitted to make changes, and unauthorized access is prevented.  |
|
|