On various Internet security mailing lists, I often see administrators asking about secure and transparent file-encryption products for Windows. Just as often, senior management personnel ask for ways to prevent network administrators from seeing confidential company files. When I suggest using Windows' own Encrypting File System (EFS), most reply that they want something more reliable and secure.
Contrary to popular opinion, EFS is a reliable, easy-to-use, and secure encryption solution, and it can trump even the network administrator's rights. EFS is great for protecting confidential files on the network and on often-stolen laptop computers. Unfortunately, EFS has been wrongly maligned by users who refuse to objectively evaluate any Microsoft security product. In truth, EFS is among the best security products Microsoft has ever made, but it requires appropriate planning and understanding. In this article, I discuss the basics of EFS, talk about its purpose and functionality, and discuss basic administrative tasks and pitfalls. . . .
But then it goes on to tell, that to establish a DRA, one have to import a certificate for a DRA.
Not member of domain = not possible to generate a (usefull) (DRA-)certificate !
Anonymous User August 28, 2005 (Article Rating: