Administrator can enforce encryption on offline cached files by configuring EFS setting in the domain Group policy. This enforces encryption on all the member machines that are part of the domain.
This can be done as described below.
- Log in to the Domain Controller machine.
- Open the Group policy object editor( see How to open group policy object editor in Server 2003)
- Go to the node Computer Configuration -> Administrative Templates -> Network -> Offline files
- Now the right side pane shows a list of settings related to offline files feature. Among these select “Encrypt the offline files cache” by double click and it will open a window like below.
- Here select the box “Enabled” to encrypt the local cache created by offline files.
- Click on Apply and close the windows.
The above steps enable encryption for all the computers that are part of a domain.
To enable offline files encryption on a single computer we can follow the below steps on Windows XP.
- Open Offline Files tab( My computer->Tools->Folder Options )
- Select the check box “Encrypt offline files to secure data“
- Click Apply and OK
- Close Folder Options window
We can enable offline files encryption on a system by modifying registry settings too. You need to set the data of the registry value EncryptCache under the below path to 1 to enable offline files encryption.
HKLMSoftwareMicrosoftWindowsCurrentVersionNetCache
Value: EncryptCache
Type: REG_DWORD
Good post. I'm going through a few of these issues as well..
my blog post: Email Console