EFS encryption of XP offline files
As a interim measure before replacing our staff laptops with windows 7 and bit locker, I am looking for a very quick fix for a small number of laptops which are taken off site.
Our my documents folder is redirected, and Off line files used to provide access to this when working with a cached account off net.
If I enable the GPO option to encrypt the off line files cache, are there any issues if the user does not regularly sync the machine/changes their password etc?
From what I can see for domain member workstations the domain administrator account should also have recovery rights to the off line files cache.
Have I got this right?
(I realise this is a very weak security measure, and files saved in the wrong place would not be encrypted, just need to put some form of fix in place while we look at the budget and workload!)
The impact of full disk encryption is likely to make some of these machines un-usable, and anything that extends the "time to desktop" is likely to give major problems.