Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

EFS 101

Status
Not open for further replies.

dleggett

Technical User
Feb 28, 2007
83
US
Could someone help me out with this. Is there a way to move all of the certificates off of the hard drive so that if the tablet/notebook is stolen, then the certificates will not be up there. This is the scenerio that we want. We want all 30 of our users to take encrypted flash drives with them, with their certificates stored on them. So that them, and only them will be able to access the files. Any insight on this will be greatly appreciated. What is the best way to go about doing this? Thanks for your help.
 
I don't have any insights as far as what program could do such a thing, but I do have one thought.

Wouldn't a small flash drive me much easier to be misplaced? Or even stolen? And then someone else would still have your certificates information.

-surgeVel
 
Woops, missed the encrypted part.... So I guess what you are theorizing would be safer. Hope someone here has a solution for you as I have not heard of something like this before. The only thing I have ever heard of close to this is protable digital password displays. These are used in big companies where the password is changed dailly or even hourly in order to maximize security, and the displays update automatically as the passwords are changed on the servers.

-surgeVel
 
Are the Flash drives formatted with NTFS, because FAT and Encryption are not possible?

Some of the links in this recent thread might be worth a read?

EFS
thread779-1452032

 
Yes the drives are formatted with NTFS. They are Kingston U2 DataTraveler. Thanks for the replies so far.
 
Ok, I have another question. What is a product that we can use, that does not store that actual key on the hard drive, requires a USB thumb drive and that only user intervention that is required is entering a password or something?
 
Excuse, my last reply, I should have said either requires a password from the user. Was looking at XP's, but if you remove the certificate from the hard drive, you have to import it back in and then make sure that you delete it out again. The workers here will not go that route. If they put it in once, if we are lucky, then they will not want to delete it. We need something that can be read from the USB device, or requires them to enter a password.
 
The reason for this is we are using the IBM/Lenovo tablets right now. Do you think that the Client Security Solution with TPM, has Fingerprint Reader on it, and Utimaco SafeGuard would be sufficient enough to consider it encrytped thoroughly?




Thanks for your help linney.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top