We have an scenario where we need multiple users to store and access files locally on a RDS server, but the administrators cannot ever have access to them, nor reconfigure the system to make this so. The files must be automatically encrypted once they are written to certain folders.
Just to make life more interesting, some users use a small personal SQL database. Their database files must also be subject to the same security arrangements.
I've been looking at EFS, but not sure if it will meet all the requirements. I know I can set the recovery manager to a non admin, but I haven't been able to determine if I can automatically apply the certificates for multiple users based on the files being placed in a specific folder.