
Internet Information Server (IIS) Authentication and Authorization Models, and Locking Down File Access with EFS and WebDAV

Timothy "Thor" Mullen, in Thor's Microsoft Security Bible, 2011

Introduction

Microsoft's Encrypting File System technology is one of the strongest yet most underutilized security features that I have seen in my many years of working with Microsoft infrastructures and enterprise deployments. I have very rarely seen it used in enterprise or even medium-sized environments, and when I have, it has been in isolated instances where individuals or teams took it upon themselves to implement EFS-based security controls. This is not entirely without justification. EFS is easy for individuals to set up and use autonomously, but the proper deployment of EFS in large environments requires careful planning around certificate and recovery agent management, backup and restoration, and access model implementation.

The consequences of improperly rolling out EFS can be serious: you can lose access to your data. To be more specific, inadequately designed EFS controls can result in files being encrypted on the file system that, in a failure scenario, cannot be decrypted even though you have physical access to them.

EFS is a user-based encryption control. Basically, the way it works is that when a user requests that a file or folder be encrypted, an EFS certificate is generated for the user and its private key is stored in the user's profile. The public key is stored with the files created by that user, and only that user can decrypt the file. Because of this, a recovery agent certificate is typically associated with a different user account, and that user's public key is also embedded in the file. This way, if the user loses the certificate used to encrypt the file, the recovery agent user, or more specifically the holder of the associated private key, can also decrypt the file. In the same way that the recovery agent public key is automatically stored with the encrypted file, you can also assign other users' public keys to a file, allowing them to decrypt it as well. This allows one file to be shared among multiple users while remaining encrypted on the file system. When an EFS certificate is either distributed by your CA or created automatically when an EFS operation is requested for the first time in a domain environment, the public key of the user's certificate is stored in AD.
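The key model described above, as an added example that is neither the book's code nor Microsoft's EFS implementation: one random file encryption key per file is wrapped to the owner's public key, to the recovery agent's public key and to any added user's public key (in real EFS those wrapped copies are the Data Decryption Field and Data Recovery Field), so losing the owner's private key is recoverable only when a recovery agent entry exists. The toy RSA and HMAC stream, the principal names and the sample file contents are constructed for the demonstration.

```python
"""Toy model of EFS per-file key handling (added example; not EFS or the book's code).
One random file encryption key (FEK) per file is wrapped once per principal: owner and
added users in the DDF, the recovery agent in the DRF. Textbook RSA and an HMAC-SHA256
counter stream keep it stdlib-only; real EFS wraps the FEK via the certificate in CNG."""
import hashlib, hmac, os, random

def _prime(bits):                                   # Fermat probable-prime test: toy keys only
    while True:
        c = random.getrandbits(bits) | 1 << (bits - 1) | 1
        if all(pow(a, c - 1, c) == 1 for a in random.sample(range(2, 1 << 20), 8)):
            return c

def make_keypair(bits=256):
    """(public, private) standing in for an EFS certificate and its private key."""
    while True:
        p, q, e = _prime(bits // 2), _prime(bits // 2), 65537
        if p != q and (p - 1) * (q - 1) % e:        # e must be invertible mod phi(n)
            return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

def _wrap(fek, pub):                                # encrypt the FEK to a principal's public key
    return pow(int.from_bytes(fek, "big"), pub[1], pub[0])

def _unwrap(wrapped, priv):                         # recover the FEK with the private key
    return pow(wrapped, priv[1], priv[0]).to_bytes(16, "big")

def _xor_stream(fek, data):                         # symmetric: one call both encrypts and decrypts
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hmac.new(fek, i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)

def efs_encrypt(plaintext, owner, owner_pub, dra=None):
    """dra is (name, pub); leaving it out models a rollout with no recovery agent."""
    fek = os.urandom(16)
    drf = {dra[0]: _wrap(fek, dra[1])} if dra else {}
    return {"data": _xor_stream(fek, plaintext), "ddf": {owner: _wrap(fek, owner_pub)}, "drf": drf}

def efs_decrypt(blob, name, priv):
    """Anyone with a DDF or DRF entry and the matching private key can decrypt."""
    entry = blob["ddf"].get(name, blob["drf"].get(name))
    if entry is None:
        raise PermissionError(f"{name} has no DDF/DRF entry; with no DRA the data is lost")
    return _xor_stream(_unwrap(entry, priv), blob["data"])

def efs_add_user(blob, caller, caller_priv, new_user, new_pub):
    """Share a file: unwrap the FEK with the caller's key and re-wrap it to new_user's
    public key (from AD in a domain); the file data itself is never re-encrypted."""
    blob["ddf"][new_user] = _wrap(_unwrap(blob["ddf"][caller], caller_priv), new_pub)
```

Deleting the owner's private key after encryption and decrypting through the recovery agent entry reproduces the recovery path the text describes; the same file encrypted with `dra=None` shows the unrecoverable case.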
