none
Problem with EFS-Encryption RRS feed

  • Question

  • Hi guys,

    I am experiencing an issue with the EFS-Encryption in Windows 10. I support a small Company with around 10 users that uses EFS to locally encrypt customer files that stay synchronized with a cloud storage. This is facilitated by a client tool that downloads new files from the cloud and pushes changed or newly created local files to the cloud to distribute to all other clients, much like dropbox works. Under windows 7 we simply used the EFS feature to encrypt this local storage to ensure they would not fall into the wrong hands if a laptop was ever stolen or got lost.

    Under Win 10, this does not work reliably anymore. If the local sync folder is located on the system partition, newly downloaded files won't be encrypted when placed in the folder, even though it has the encryption flag set. If the local folder is located on a different partition everything seems to work as expected. Upon doing some research I noticed the same behaviour when downloading files with firefox into a folder that has the encrypted flag set, whereas downloads with edge or internet explorer seem to be fine. Also the MS OneDrive client seems to always encrypt files when putting them into the local folder.

    At first I suspected this to have to do with ADS and zone identifiers but after doing some research I found that it soes not seem to matter as files with and without zone identifiers get treated exactly the same way...

    Switching to Bitlocker is not a viable option as we work with freelancers that use their own hardware and we can't force them to encrypt their whole harddrive and also because in some cases several users use the same PC and we cannot make our customers files accessible to other people without breaching an NDA.

    I'm really at my wits end here and hope that any of you may have an idea of what could be causing this strange behaviour and what to do to get EFS working reliably on Windows 10 again. It worked perfectly fine for us the last few years...

    Thanks in advance for any input and best regards,

    Moritz

    • Edited by Moritz-W Thursday, December 13, 2018 5:28 AM
    Thursday, December 13, 2018 5:28 AM

All replies

  • Hi,

    According to your description, please try to check the owner of your local sync folder to see if it’s current user account. If not, change it then check the issue.

    Best Regards,


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Saturday, December 15, 2018 5:20 AM
    Moderator