|
-
May 4th, 2001, 09:52 AM
#1
Registered User
 W2K Encryption?
How robust is the W2K encryption scheme? I'm wondering particularly since they left in a 'backdoor' for a recovery agent (the encryption key, apparently, is included in the file, and is encrypted with the public keys of both the user and the recovery agent. Unless I have got it all botched.) Also, anyone letting their users implement this? I'm considering blocking it out in group policy just to avoid potential problems, but there are a few cases where it might be handy.
-
May 4th, 2001, 11:03 AM
#2
As an admin I would block it as well, but if it needs to be implemented then assign an admin to be a recovery agent. When you give users too much power something usually get screwed up.
-
May 4th, 2001, 11:07 AM
#3
Registered User
When you give users too much power something usually get screwed up.
Change the word usually for ALWAYS
-
May 4th, 2001, 11:43 AM
#4
Registered User
[QUOTE] [As an admin I would block it as well, but if it needs to be implemented then assign an admin to be a recovery agent. When you give users too much power something usually get screwed up./QUOTE]
That was my thought, too. Has anyone actually used this in production?
-
May 4th, 2001, 01:07 PM
#5
Registered User
Yes, we have. The Domain Admin by default is the designated recovery agent. Though I would ALWAYS EXPORT the EFS recovery key and also have another account that can be a recovery agent. Each user in the domain is assigned a key that can access EFS encrypted files. They are the only ones who can decrypt files with the exception of the Recovery Agent. Its not all that complicated, though if a user logs on locally, (not a domain account) and encrypts some stuff, it will only be available to that account and the local admin. The recovery keys are NOT stored with the file, so there is NO way to recover the data if the recovery agents are lost. We have allowed its use, and the only people who have used it are those who know enough not to make problems. So far we have not had any major issues.
I highly recommend it for laptops, because that is the only way to ensure the data is protected. There are tools to recover the local admin password, and fully access the NTFS volumes (see www.winternals.com), but if all the local data was Encrypted with a DOMAIN account, the local admin could not recover it, because it is encrypted with the domain's key. The theif would have the hardware, but would not get any corporate data (which is really a lot more valuable than the hardware).
So in summary, desktops already have physical security, so its not a big issue. However, if EFS is used for all sensetive data, AND the user is logging on as a Domain user a laptop will be completely protected even if stolen.
Sorry about the length...
Matt
"If you have been tempted into evil, fly from it. It is not falling into the water, but lying in it, that drowns"
-
May 4th, 2001, 06:50 PM
#6
Registered User
I hadn't even thought about the local/domain account aspect of laptops. I like the system even better now! I'm worried about letting my users try this - none of them fall into that 'know what they're doing' category  Thanks!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
Bookmarks