JSI Tip 3838. How do I Set Up a Windows 2000 File System for Secure Access?

Microsoft Knowledge Base Article 300691 contains the following summary:

At a basic level, file system security begins by choosing the appropriate file system. Windows 2000 includes three different file systems: NTFS, FAT32, and FAT.

The NTFS file system is the recommended file system because of its advantages in reliability and security and because it is required for large drives. The FAT and FAT32 file systems are similar to each other, except that FAT32 is designed for larger disks than FAT. NTFS has always been a more powerful file system than FAT or FAT32. Windows 2000 Server has a new version of NTFS that includes many important security features such as:
Permissions that you can set on individual files rather than just on folders.
File encryption, which greatly enhances security.
Active Directory, which you can use to view and control network resources easily.
Domains, which are part of Active Directory, and which you can use to fine-tune security options while keeping administration simple. Domain controllers require NTFS.
Recovery logging of disk activities, which helps you restore information quickly in the event of a power failure or other system problems.
Disk quotas, which you can use to monitor and control the amount of disk space used by individual users.
Better scalability to large drives. The maximum drive size for NTFS is much greater than that for FAT, and as drive sizes increase, performance with NTFS does not degrade as it does with FAT.
If you are currently using the FAT file system, you can use the Convert utility that is included with Windows 2000 to convert to NTFS. For additional information about using the Convert utility, click the article number below to view the article in the Microsoft Knowledge Base:
214579 How to Use Convert.exe to Convert a Partition to NTFS
Once you are using NTFS, you can use the file and folder permissions to secure data. Windows 2000 gives you comprehensive control over each file and folder on your hard disk. You can also use Encrypting File System (EFS) technology, which is a security technology that enables individual users to encrypt files so that the files cannot be read by others. For additional information about EFS, please check Windows Help.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.