EFS (Encrypted File System)

Cryptography 🔒 • Security Operations 🛡️ • Security+ 🏆 • Difficulty: premium

Definition

EFS, or Encrypted File System, is a Windows feature that encrypts files and folders at the file system level so they are protected from unauthorized access.

Examples

An employee encrypts a folder containing financial records so another user on the same computer cannot open the files without proper access.
A laptop user applies EFS to sensitive documents stored locally to reduce exposure if someone accesses the drive through another account.

Discover 🔎

Not every security problem is about hackers breaking in from across the internet. Sometimes the risk is much more direct. A shared computer, a stolen drive, or another local account on the same system may expose sensitive files if those files are only protected by ordinary permissions. EFS was designed to add another layer of protection.

Encrypted File System works at the file level. That makes it different from full disk encryption. Instead of locking down the whole drive, EFS protects selected files or folders. This targeted approach can be useful when only certain data needs extra protection.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.