Securing data

Uhtred · 20 Dec 2006 at 12:15

Hi guys.

OK this is my situation. I have approximately 50gigs of data I backup every week from two PCs. The files are backed up to a server sat in my garage running 2003 using the NTbackup tool. This is both my personal stuff and my dad's business files, nothing confidential but important none the less.

The server is in a separate building and counts as offsite and eliminates the risk of fire. However, the garage is not as secure as my house and the computer is at higher risk of being stolen. While i'm not too worried about the machine, as it's not worth much, it would be possible for someone to read the data off the disk and access all the personal and business files.

To get around this I have enabled windows file encryption on the storage folder to encrypt the backup files.

This works fine, the backup takes longer, but that's not an issue. I do have a few questions though...

- Is this secure, ie if someone stole the machine, could they reset the admin password and access the encrypted files?

- How can i backup the encryption key so that if the admin profile broke or the OS fell over i could still recover the files?

Lastly, is this the best method to use?

Thanks

Curiosityx · 20 Dec 2006 at 12:33

If your using EFS it will be fine, even if someone were to get local access and reset the Administrator password using say a linux bootable CD it still wouldnt allow access to the encrypted files as you need to have the EFS key and the original password in order to decrypt data, the only safe way to change a users password is to either logon with your account or the administrators.

On the other hand by gaining access to the local machine they could crack your original password, logon to your user account and access the encrypted files.

So it kind of defeats the point of using EFS.

If you want to backup your EFS key and recovery certificate follow the link below

http://support.microsoft.com/kb/241201

The process does differ depending on whether your using a domain or workgroup environment.

Uhtred · 20 Dec 2006 at 13:20

Thanks for that. I have created a backup of the key and stored it in a safe place.

The admin password would be a tough one to break but if the files weren't encrypted then what would prevent them from taking the disk out, installing it as a slave on another machine and taking ownership of the files?

Curiosityx · 20 Dec 2006 at 16:33

Zap said:
Thanks for that. I have created a backup of the key and stored it in a safe place.

The admin password would be a tough one to break but if the files weren't encrypted then what would prevent them from taking the disk out, installing it as a slave on another machine and taking ownership of the files?

If the files were encrypted using EFS you wouldnt be able to access them nor take ownership even if the disk was in another computer, without the original EFS key your in trouble.

Again it differs between workgroup and domain environments, a domain environment would allow you to link the certificate to a certificate authority and assign a recovery agent for the domain.