NTFS Security Benefits

5/10/2007

The NTFS file system provides both performance and security improvements over FAT file systems.

NTFS provides security enhancements in the form of Access Control Lists (ACL)s for files and directories. ACLs are security descriptors attached to all files and directories on an NTFS file system. Any file, directory, or other object in the file system can have multiple levels of access permissions. Before a process is allowed to access a file, the security system verifies that the process has the appropriate authorization to do so. Use NTFS to provide granular privilege control for files and folders. Additionally, NTFS supports active directory. Active Directory allows your system to join a domain, and uses server-based authorization to establish file permissions. FAT file systems do not implement security, and all user accounts have equal access to files and directories on the system.

Additionally, NTFS provides you the ability to encrypt specific files and directories. For more information, see Encryption File System.

For more information about NTFS security features, see this Microsoft Web site.

See Also

Concepts

Security Shell Extension

Other Resources

Best Practices for Security
Network Security Considerations
Local Security Considerations