In Windows XP Professional, you can protect files and folders by using the Encrypting File System (EFS). EFS is not available in Windows XP Home Edition. EFS encode your files so that even if a person can obtain the file, he cannot read it. The files can be read-only when you log on to the computer by using your user account and password. Windows uses your user account’s public key to create a file encryption key that can be decrypted only by your personal encryption certificate, which is generated from your user account’s private key.
There are two restrictions when implementing EFS:
■ You cannot use EFS on storage volumes that are not formatted with NTFS.
■ You cannot use EFS to encrypt a file that has been compressed by using NTFS compression. Although NTFS manages access to file system resources in Windows or on an internal network, when you have a dual-boot configuration, NTFS permissions can be circumvented by the second operating system. This issue is especially pertinent to portable computers because they can easily be moved or stolen, which would enable a second installation of Windows to be installed as a dual boot. The protected NTFS files would then be accessible on the second installation of Windows. EFS address this computer security issue by requiring you to enter your user account and password information before it will encrypt a file. In a dual-boot environment, the EFS protected files would still be inaccessible.
When an unauthorized user attempts to access an EF0S-encrypted resource, the user receives an “Access Denied” message. This message is similar to what a user experiences when he attempts to access an NTFS resource that he does not have permission to access.
More on Windows Xp >>
Compressed (Zipped) Folders in Microsoft Windows XP
Moving and Copying Compressed Files and Folders in Windows XP
Supporting File Compression in Windows Xp