Microsoft EFS (Encrypted File System) can be used in combination with SMB and WebDAV. With SMB on network shares it makes not much sense (see my other notes) because of the strange implementation of using server side profiles and keys. But on local disks or with WebDAV on network filestores it's a great security enhancement out-of-the-box.
But there are a lot of issues and caveats you have to know when you want to deploy EFS in an enterprise infrastructure. Today I found the "ParanoidMike" blog which is a great resource for some of EFS related question:
EFS Certificate Updater
EFS and SYSKEY backgrounder
Why EFS makes no sense on servers
Source: ParanoidMike
Nov 23, 2007
Subscribe to:
Posts (Atom)
