The problem is that Windows Vista??™s
on-the-fly encryption can be somewhat unpredictable, and security is one
place where you don??™t want there to be any guesswork.
Encryption is a feature of the NTFS filesystem (discussed in
???Choose the Right Filesystem??? in Chapter 5) and is not available
with any other filesystem. This means that if you copy
an encrypted file onto, say, a memory card, USB key, or CD,
the file will become unencrypted, since none of those drives
support NTFS.
Figure 8-7. The Permission Entry window lets you fine-tune permissions
Permissions and Security | 471
Users and
Security
Encrypt an Entire Drive with BitLocker
Vista??™s file and folder encryption is a handy way to protect sensitive data, but
mixing encrypted data and unencrypted data on the same drive can lead to
unpredictable results, as described in this section. But if you have the Ultimate
or Enterprise edition of Vista, you??™ll also have the luxury of using the
BitLocker drive encryption feature.
BitLocker works by placing all the data on your drive into a single, enormous
archive file, and then accessing the file invisibly like a virtual hard disk. You
can access the files on a BitLocker-encrypted drive through Windows
Explorer as though it were any other drive, while Windows handles the
encryption and decryption in the background. The BitLocker approach has
the significant advantage of encrypting Windows and all your system files,
thereby preventing a hacker from cracking your password and breaking into
your account, thus rendering your individual file encryption worthless.
Pages:
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657