Introduction to EFS

You can use EFS to encrypt NTFS files to provide confidentiality for the file contents. EFS uses symmetric key encryption in conjunction with public key technology to protect the file and ensure that only the owner of the file can access the file. Users of EFS are issued a digital certificate with a public and private key pair that are used for EFS operations. To conduct EFS operations, EFS uses the key set for the user who is logged on to the local computer where the private key is stored. You can use EFS for file systems on remote computers only if the remote computers are trusted for delegation.

No administrative effort is needed to begin using EFS, and most operations are transparent. You also have the option to disable EFS by configuring EFS recovery policy.