What folders to encrypt with EFS on Windows 7 laptop?
Posted
by
Joe Schmoe
on Super User
See other posts from Super User
or by Joe Schmoe
Published on 2013-06-25T22:48:11Z
Indexed on
2013/06/26
4:23 UTC
Read the original article
Hit count: 424
Since I've been using my laptop more as a laptop recently (carrying it around) I am now evaluating my strategy to protect confidential information in case it is stolen.
Keep in mind that my laptop is 6 years old (Lenovo T61 with 8 GB or RAM, 2GHz dual core CPU). It runs Windows 7 fine but it is no speedy demon. It doesn't support AES instruction set.
I've been using TrueCrypt volume mounted on demand for really important stuff like financial statements forever. Nothing else is encrypted.
I just finished my evaluation of EFS, Bitlocker and took a closer look at TrueCrypt again.
I've come to conclusion that boot partition encryption via Bitlocker or TrueCrypt is not worth the hassle. I may decide in the future to use Bitlocker or TrueCrypt to encrypt one of the data volumes but at this point I intend to use EFS to encrypt parts of my hard drive that contain data that I wouldn't want exposed.
The purpose of this post is to get your feedback about what folders should be encrypted from the general point of view (of course everyone will have something specific in addition)
Here is what I thought of so far (will update if I think of something else):
1) AppData\Local\Microsoft\Outlook - Outlook files
2) AppData\Local\Thunderbird\Profiles and AppData\Roaming\Thunderbird\Profiles- Thunderbird profiles, not sure yet where exactly data is stored.
3) AppData\Roaming\Mozilla\Firefox\Profiles\djdsakdjh.default\bookmarkbackups - Firefox bookmark backup. Is there a separate location for "main" Firefox bookmark file? I haven't figured it out yet.
4) Bookmarks for Chrome (don't know where it's bookmarks are) and Internet Explorer ($Username\Favorites) - I don't really use them but why not to secure that as well.
5) Downloads\, My Documents\ and My Pictures\ folders
I don't think I need to encrypt, say, latest service pack for Visual Studio. So I will probably create subfolder called "Secure" in all of these folders and set it to "Encrypted". Anything sensitive I will save in this folder.
Any other suggestions? Again, this is from the point of view of your "regular office user".
© Super User or respective owner