Re: Re: Protecting sensitive files on a Windows file server

[goliar () usa com]

I'd like to remind you that regardless of encrypted file system (like EFS) or "container" encryption such as PGP, the 
only way you can you protect your documents (MS Office, Adobe Acrobat) is embedding security in each document via 
technologies of Digital Rights Management. There are several products that can do it. We have been thoroughly testing 
two - a peer-to-peer based Avoco secure2trust and client-server based EMC/Authentica IRM. The difference the DRM makes 
is that users can transparently work with protected documents from within native applications (e.g. MS Word) and can 
only do what is permitted to do with the document - once they were correctly authenticated (normally, in Windows domain 
- against AD). You can even set access expiration dates for documents... In addition to protection you, of course, get 
a very good tracing capabilities (with centralized DRM solutions...) so you always know how many copies exist and which 
users deal with which documents.