Don't Lose Your Encrypted Data

As it is good practice to protect sensitive data, and encryption is a good way of securing that data, there are steps that should be taken to safeguard the loss of data through the security that protects them.
Whether it is business or personal data, some are to sensitive to allow others to view. It might be the next big trade secret or your monthly bank statement.

One way of securing the data on a computer is to isolate it so only the single owner of the data has access to the machine, which includes no access to the Internet. But that is not very practical in this day and age of multi user computers and the Internet.

Another way of securing sensitive data on Windows NT machines is through NTFS permissions. And the ultimate way of securing data on windows 2000 and XP systems is with EFS (Encrypted File System), which works transparently to the user on the fly.

When a user encrypts a file for the first time, Windows generates a personal encryption certificate and a private key based on the user's SID (Security Identifier). When the user opens the file or folder, windows uses these in the background to decrypt the files as the files are being used.

To be continued.