I have recently started investigating encrypted file system and it does NOT seem like it will do what I need it to do. Please let me know if you know differently or know of a product that does what I need.
1) I want to encrypt files directly as they are taken from the Windows 2008 or 2012 server.
2) I want the files to remain encrypted if they are pulled to a client PC.
3) I want transparent encrypt/decrypt at the client side (from the users point of view) just like encrypted file system.
4) *** Here is the big difference *** I want the encryption to go with the file EVERYWHERE it goes. If a device/PC/thumb drive/hard drive etc. does not have the client integration/certificates/decrypt information, they should NOT be able to decrypt the file.
In other words, I want to lock all data to only devices within our realm of control. On the fly decryption when moved to a device that doesn't support like EFS does seems like utter foolishness and serves no purpose that I can see and would only serve to
eat up processor time. The ONLY thing it could even remotely protect against is a stolen device that was turned off at the time it was stolen. Encryption that stays with the file seems to be a much more secure solution and is what i am after.