EFS (Encrypted File System)
What is EFS (Encrypted File System)?
EFS, or Encrypted File System, is a Windows feature that encrypts files and folders at the file system level so they are protected from unauthorized access.
Examples
- An employee encrypts a folder containing financial records so another user on the same computer cannot open the files without proper access.
- A laptop user applies EFS to sensitive documents stored locally to reduce exposure if someone accesses the drive through another account.
Discover 🔎
Not every security problem is about hackers breaking in from across the internet. Sometimes the risk is much more direct. A shared computer, a stolen drive, or another local account on the same system may expose sensitive files if those files are only protected by ordinary permissions. EFS was designed to add another layer of protection.
Encrypted File System works at the file level. That makes it different from full disk encryption. Instead of locking down the whole drive, EFS protects selected files or folders. This targeted approach can be useful when only certain data needs extra protection.
Summary 📝
EFS is a Windows file-level encryption feature used to protect selected files and folders from unauthorized access. Its main purpose is to improve data confidentiality at rest. It is most useful when an organization needs targeted protection for sensitive files and is prepared to manage encryption keys and recovery properly.
Tip: The interactive version includes progress tracking, decks, and premium deep dives.