Microsoft Nixes Encryption Utility

If you were having nightmares about your end users encrypting folders full of Word documents for their eyes only, you can rest easy tonight. Microsoft has officially pulled the plug on its free Private Folder 1.0 utility for Windows Genuine Advantage just days after releasing it.

Network administrators flooded Microsoft and the blogosphere with complaints about how the tool, which let users set up their own encrypted "My Documents" folder that only they could access, was bad news. The idea of data on corporate-issue equipment being inaccessible was a big concern. One systems administrator blogged that any tool for protecting data should be managed by the system admin, so it should come with a "backdoor."

Other worries were users maliciously moving important files into the folder and deleting the originals, storing inappropriate content, or files becoming inaccessible when a user leaves an organization or forgets her password. Private Folder 1.0 was first offered on July 6 to users under the Windows XP WGA system.

"Because of the nature of the concerns around manageability, data recovery, and encryption for customers generally, we decided the best course of action was to remove it from the Microsoft Website" on July 14, says a Microsoft spokesperson.

Encryption utilities aren't new, but Microsoft's Private Folder offering raised concerns that it would become widely used and therefore shut out many system admins from files on their organizations' client machines.

"I don't know why Private Folder got in there in the first place," says Eric Ogren, security analyst at Enterprise Strategy Group. Dropping it makes sense, he says, because it just wasn't a fit for enterprise security.

— Kelly Jackson Higgins, Senior Editor, Dark Reading