How are User files in Windows 7 protected?

I noticed that I cannot access user files from one account across another. However, if someone took my HDD, hooked it up to another computer, would they be able to see the files? Is there a way to encrypt user files without encrypting the entire HDD? I would like to encrypt my files on my laptop, but only those in my user account. This because I do not want a password prompt on the HDD, as I am using Prey and users need to be able to do Windows gust user logins for Prey to (potentially) track stolen property.

Solution 1:

What you have noticed is ACLs (Access Control Lists), which specify which users can read or write to which files.
This relies on the OS to enforce it; as you suspected, anyone with physical access to the disk can read anything.

You can tell Windows to encrypt files using EFS by right-clicking one or more files or folders, clicking Properties, Advanced, Encrypt these files.
This will encrypt the files using your Windows login password, so that they will not be readable outside your account.
If you forget that password, you will lose the files.

Solution 2:

I haven't tested this in Win7, but I mount my Vista HDD from Linux all the time. There is no protection, I can make any changes I like. I can only guess that Windows 7 would behave in the same way.

Regarding encryption: Have a look at TrueCrypt if you haven't already. That lets you set up an encrypted file and then mount it as a logical drive (after entering password), which you can then access from the file system like any other drive.