The introduction of Microsoft Private Folder 1.0 has caused a bit of a stir in the tech world. What does it do, exactly? Basically, the app creates an icon on the desktop called “My Private Folder” into which files can be dragged and dropped. The first time the program is run, the user is asked to provide a password, which is then used to encrypt the files.
“Private Folder 1.0 is a useful tool […] to protect your private data when friends, colleagues, kids or other people share your PC or account,” Microsoft said in an announcement. After verifying that you have a valid copy of Windows according to Windows Genuine Advantage, you can download it and try it out yourself.
Immediately after the tool was released, complaints rang out over the Internet, particularly on the MSBlog that hosted the announcement. Many people expressed concerns that the application would make their IT lives difficult. Some of the issues raised were the idea of employees hiding or sharing secrets in the encrypted folder, and users forgetting their password and being unable to retrieve crucial files.
Personally, I think these criticisms are highly overblown. Utilities to encrypt files have been available on PCs for years—even something as simple as WinZip allows anyone to encrypt and store files away from prying eyes. The only possible difference here is that the Microsoft utility might be perceived as more of a threat, simply because it comes from Microsoft and might therefore be more popular.
Ultimately, however, the responsibility lies with both IT and employees to ensure that a set of fair and workable computing rules are established, understood, and respected. Allow me to illustrate with a personal example. When I worked at EA, there was an incident involving a tester releasing images of new NBA jerseys on the Internet while they were still under NDA. The employee was quickly terminated, and management immediately started up the ominous-sounding “QA Isolation Project” to ensure that no files could ever again escape the confines of the testing lab. As we soon discovered, however, the new firewall policies did nothing to prevent people from transferring files over MSN Messenger. While eventually this hole was filled, the company then suffered a much larger leak, not from a tester at all but from a disgruntled developer who walked out of the door with an entire batch of burned prerelease games in his briefcase.
The moral of the story is that if you are terrified that your employees are going to hide or reveal secrets from management, you have more than just technical problems. While Microsoft’s “Private Folder” application may seem to cause headaches for IT management, it is nothing more than a useful utility that should be monitored only as much as any other application a user is allowed to install on their computer. One thing to keep note of, however: Microsoft is not providing any technical support with this program, so if you run into any problems, you are on your own.