Encryption is the process of converting data into a format that cannot easily be read by another user. Once a user has encrypted a file, the file automatically remains encrypted whenever the file is stored on disk.
Decryption is the process of converting data from encrypted format back to its original format. Once a user has decrypted a file, the file remains decrypted whenever the file is stored on disk.
The Encrypting File System (EFS) allows users to store their on-disk data in encrypted format.
Users can encrypt their files when storing them on disk by selecting the Encryptcontentstosecuredata checkbox in the Properties window (General tab | Advanced) or by creating or moving a file to an encrypted folder. The file is accessed normally and the whole encryption process is invisible. To decrypt a file simply deselect the encrypt checkbox.
Administrators can recover data that was encrypted by another user. This ensures that data is accessible if the user that encrypted the data is no longer available or has lost their private key.