For the average standalone machine that is in need of adequate security (but
not military grade security), is there a compelling reason to use anything
beyond EFS (encrypting file system)? Before you answer, first, let's assume
that the EFS user in question understands that he needs to encrypt his %temp%
folder (or, better yet, all folders under %userprofile%), in addition to the
specific folders to protect that may reside elsewhere in the file system. Let's
also assume that he knows to encrypt his page file(s) (and hibernation file, if
applicable) as well. Isn't that pretty strong security, assuming Joe Shmoe's
password is non-trivial (reasonably long w/ sufficient entropy)?
Again, I realize that most users don't know to encrypt %temp% or their page
file, but again, for a more savvy user, wouldn't EFS provide a pretty high
level of security for data at rest?
- Garrett G.
_______________________________________________
FDE mailing list
[email protected]
http://www.xml-dev.com/mailman/listinfo/fde
