BitLocker drive encryption is now available on Windows 10 Pro and Enterprise editions. If you are using one of these editions of Windows 10, then you may be wondering what BitLocker encryption is and how it is different from the Encrypting File System (EFS). In this article, I have given a detailed explanation of BitLocker vs EFS and which one you should use.
How Does EFS Work And What File System Supports The Use Of EFS?
EFS is a folder-level encryption system. If you are looking to encrypt certain files and folders, then you can use the EFS. EFS is not supported by all file systems. So, which file system should you use if you want to use EFS?
When you are using the EFS to encrypt files, you must move the files to an NTFS formatted drive. The only file system that EFS supports is the NTFS file system, which is the current standard on Windows. If you move the encrypted files from the NTFS formatted drives to a drive with another file system like FAT32, then the encryption will be lost. Here is how to convert FAT32 to NTFS.
To encrypt using EFS, follow the steps given below:
- Right-click on any file in an NTFS formatted drive.
- Select the Properties option.
- In the General tab, select the Advanced option in the Attributes section.
- Check the Encrypt contents to secure data box in the Compress or Encrypt attributes section.
- Finally, click on OK and then on Apply and OK to save the changes.
One shortcoming of EFS is that you can’t use it to encrypt an entire drive as the TPM (Trusted Platform Module) hardware isn’t used to store the encryption key.
How Does BitLocker Work?
BitLocker is a partition level encryption system. This means that BitLocker cannot encrypt files and folders separately like EFS. You can only encrypt an entire volume with BitLocker. This can be used to encrypt entire partitions on your PC or of an external storage device.
When you use BitLocker to encrypt a partition from an administrator account, then the entire drive is locked for all users. This is possible as BitLocker uses the TPM hardware to store the encryption key locally. You can use BitLocker to protect important data on your PC by encrypting the entire drive.
BitLocker Vs EFS: Which One Should You Use?
What encryption system you use depends on the purpose of your encryption. If you want to encrypt a specific file, then it can only be done by EFS. On the other hand, if you want to encrypt an entire partition, then you will have to use BitLocker.
Also, BitLocker is better for protecting sensitive data as the EFS encryption gets removed when the file is moved to a non-NTFS formatted drive. To sum it all up, BitLocker is enough to protect your entire partition, including the files present in them. But EFS is useful when you want to encrypt individual files.
So, use the one that fits your requirements.
After reading this detailed explanation of BitLocker vs EFS, you should now know which encryption system is most suitable for what you are looking for. If you have any other questions regarding this topic, ask them in the comment section below.