If the contents of a file are sensitive enough to need encryption it is also
recommended to also think about physical security as well. This means
thinking about things like: Where do I store backup copies of the key to
decrypt the file. How and where do I store backups of the file. How likely
is is that the computer storing the file or backups may be stolen. If
someone has the computer and the key to decrypt the file is on the computer
then they can crack the encryption. There are many things to consider.
Microsoft MVP - Shell/User
"greyman" <email@example.com> wrote in message
> Ok fine,so i should use the combination of file access permissions and
> "Kerry Brown" wrote:
>> EFS is about hiding the contents of a file not restricting what can be
>> with the actual file itself. That is accomplished by NTFS permissions.
>> Normally it makes sense to use a combination of physical security, file
>> access permissions and encryption to protect sensitive files.
>> Kerry Brown
>> Microsoft MVP - Shell/User
>> "greyman" <firstname.lastname@example.org> wrote in message
>> > hello,
>> > i had this question in my mind for quite some time...
>> > If efs is built to deny access of an encrypted file to a 2nd
>> > person,then
>> > why
>> > should he be given access to delete the same file??
>> > I have tried this scenario where 2nd person was able to delete the file
>> > encrypted by the 1st person...
>> > efs is about securing ur info from others...whats its use if one can
>> > just
>> > delete ur confidential info??
>> > Please reply..
>> > Thanks.