Copied encrypted files over RDP get decrypted

Mago Barca 1 Reputation point

Hi All,

I have the following situation. I have folder TESTFOLDER and inside it a file called TESTFILE.TXT stored on the SERVER. I encrypt this file (and of course its parent folder TESTFOLDER). Now if I RDP to SERVER and copy this file to my local PC (not part of the domain or LAN), then I find this file is decrypted.

I thought the certificate that is used to encrypt the encryption/decryption key is not stored in the encryption file and only the encrypted encryption/decryption key is stored in the file.

What is going on?

How can I fix this situation?

Thank you

Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,687 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Limitless Technology 39,206 Reputation points

    Hi there,

    I suppose you might have created a trigger that decrypts the files automatically. The server's decryption key can only decrypt files encrypted by its corresponding public key.

    Make sure that no such triggers are executed and I suppose that sorts your query.

    --If the reply is helpful, please Upvote and Accept it as an answer--

    0 comments No comments

  2. Vadims Podāns 8,856 Reputation points MVP

    It is expected behavior and by design. Files are automatically decrypted (if decryption key exists on source machine) when moved to media which doesn't support encryption, including network transfer. EFS does not protect data on a wire.

    0 comments No comments