Tales from our helpdesk: Encrypted files

telanova: the outsourced IT team that feels like your own

Providing advice, consultancy, helpdesk, monitoring and maintenance, updates, upgrades, security: all the things your in-house team would do, but better and at a fraction of the cost and hassle.

Tales from our helpdesk: Encrypted files

Encrypting files is a really useful mechanism for protecting sensitive information. But there’s a risk that you might not be able to access the information in the future. Here’s a tale from our frontline support team.

We recently took on a new customer. One of the first calls we received was that they couldn’t access some important documents on their server that were created a couple of years ago. We quickly discovered an employee had encrypted them using the built in Windows encryption facility. The employee had left some time ago and their account had since been deleted.

If Windows encryption is set up properly and the Administrator’s recovery key stored safely this isn’t a problem, the Administrator can simply decrypt the file. Unfortunately the previous support company hadn’t saved the administrator’s recovery key somewhere safe. The situation seemed hopeless without the resources of the NSA’s supercomputers to crack the key.

Luckily there is recycle bin for user accounts which stores them for 6 months after deletion. We were able to recover the account, login as them and then decrypt the files. If we had discovered the issue as much as one month later this wouldn’t have been possible and the files permanently lost.

To stop this happening again we setup their Windows encryption properly, generated a new Administrator’s recovery key, recovered other accounts used to encrypt files on their server, audited and decrypted every file on their server, and finally re-encrypted the sensitive files.

If you or anyone you know would like us to help setup your encryption properly contact telanova on 01344 989 530 or This email address is being protected from spambots. You need JavaScript enabled to view it.

Email Facebook Google LinkedIn Twitter

We use cookies to provide you with the best possible experience in your interactions on our website

You agree to our use of cookies on your device by continuing to use our website

I understand