Article ID: 243756
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
Microsoft Windows 2000 employs a security technology named Encrypting File System (EFS), which enables users to encrypt and decrypt files. Windows users can utilize EFS to keep sensitive files safe from unauthorized access. This article summarizes how to use this technology to encrypt personal Web documents for additional security.
Warning EFS will fail encryption attempts on files with the System attribute. Administrators should not attempt to defeat this safeguard to encrypt files in the system directory. The private keys needed for decryption are not available during the boot process. Therefore, a system will be rendered unusable if its system files are encrypted. Future releases of Windows may provide secure boot capabilities that support encryption of system files.
EFS is enabled for documents in Windows 2000 through an optional advanced file attribute. To implement this feature, follow these steps:
The following is a list of best practices regarding EFS:
For more information on Windows File Protection, click the following article number to view the article in the Microsoft Knowledge Base:
222193For more information on Web site authentication methods, click the following article numbers to view the articles in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/222193/ )Description of the Windows file protection feature
(http://support.microsoft.com/kb/264921/ )How IIS authenticates browser clients
(http://support.microsoft.com/kb/222028/ )Setting up digest authentication for use with Internet Information Services 5.0
Article ID: 243756 - Last Review: June 19, 2014 - Revision: 4.0