General EFS Question

Subject Author Date
General EFS Question Paul 11-17-2006
Posted by Paul on November 17, 2006, 10:16 am
EFS newbie here -
We have an SBS2003 domain and most all work is done in the office on
workstations. Some users are now looking at VPN from home and using Remote
Desktop Connection to their workstations when necessary. This is good, but I
would like to make sure that files that leave the office are not going to
open or otherwise be usable to anyone. For example, if someone copied a file
from our network over a VPN and then tried running it on their own (remote)
computer, the file would not open or run; but if they brought that same copied
file back into our office, say on a floppy, it would run or open.
From what I know, as long as the key to decrypt the file does not leave the
network, then the file should only open on the network - Right?
Thanks
Paul

Posted by Roger Abell [MVP] on November 18, 2006, 12:22 am
Well, you are correct that the private key is needed to decrypt the file.
However, they could easily decrypt the file before taking it offsite,
such as by simply opening it in a Remote Desktop session and saving
non-encrypted, or just copying and pasting at their remote-from machine.
Also, when an EFS file is accessed over the network (via a share) just
where the decryption takes place can differ, but for the most common
deployment it is on the storage machine before the network transfer.

> EFS newbie here -
> We have an SBS2003 domain and most all work is done in the office on
> workstations. Some users are now looking at VPN from home and using Remote
> Desktop Connection to their workstations when necessary. This is good, but I
> would like to make sure that files that leave the office are not going to
> open or otherwise be usable to anyone. For example, if someone copied a file
> from our network over a VPN and then tried running it on their own (remote)
> computer, the file would not open or run; but if they brought that same copied
> file back into our office, say on a floppy, it would run or open.
> From what I know, as long as the key to decrypt the file does not leave the
> network, then the file should only open on the network - Right?
> Thanks
> Paul


