Part of SmartEncrypt functionality is overlapping with existing encryption mechanisms in Windows.
The native file encryption mechanism on Windows is called Encrypting File System (EFS).
While EFS forms the base of several data protection solutions implemented by Microsoft, such as Enterprise Data Protection (EDP), Windows Information Protection (WIP), Azure Application Protection Policy (APP) - it has numerous limitations compared to SmartEncrypt.
EFS uses undocumented APIs in the Windows kernel which makes files encrypted with EFS incompatible with SmartEncrypt. The following is expected behaviour when EFS and SmartEncrypt are installed on the same system:
- For files encrypted with EFS:
- File cannot be opened unless EFS is removed or SmartEncrypt is uninstalled from the system. This is done to prevent a potential file corruption due to the use of undocumented APIs by EFS.
- EFS can be removed via normal EFS removal flow.
- For files encrypted with SmartEncrypt:
- File can be opened and edited and unencrypted, no conflicts are expected unless EFS is enabled for the file.
- For unencrypted files:
- File can be opened, edited, or encrypted with either SmartEncrypt or EFS.
Comments
0 comments
Please sign in to leave a comment.