- On the machine which does support EFS, go ahead and set up an encryption certificate.
- Export the encryption certificate, copy it over to the Windows 7 machine and install it.
- Create a folder and mark it as encrypted on the first machine.
- Copy the folder onto a USB drive formatted with NTFS.
- Finally, copy the folder from the USB drive onto the Windows 7 machine.
Any files created under (or copied to) the encrypted folder will be encrypted, themselves. In addition, this folder can be used as a template for creating additional encrypted folders. So, keeping an empty copy of the folder lying around can be useful.
There are a couple caveats to deal with, though.
- The hard drives on both machines and the USB drive must be formatted with NTFS.
- New folders on the Windows 7 machine cannot be marked as encrypted, unless they are children of folders already encrypted.
- Once a folder or file has been encrypted, it cannot be marked as decrypted on the Home Premium machine.
- Folders shared on the network cannot be decrypted - regardless of whether the certificate & key are installed on the client machine. This is why a USB drive is required.
I realize this seems a long way to go just to get EFS onto a weaker copy of Windows 7. To be honest, I don't use EFS on my laptop extensively; but the files I keep encrypted, I want them to stay encrypted, regardless of which machine they are stored.