[unisog] File protection in a Windows Environment

jkerr@business.buffalo.edu jkerr at business.buffalo.edu
Tue Dec 6 20:16:14 GMT 2005


  That is one of the options we are considering, except that would include
either giving the Microsoft recovery key to a technical staff member who
would then have access, or the customers being the only ones with a key
which might cause complications if there is a system problem and the
customer is unavailable.  In the end that is probably the kinds of
alternatives we are left with, but wanted to see if others are handling it
differently, or if there are any "best practices" in place.







From: unisog-bounces at lists.sans.org [mailto:unisog-bounces at lists.sans.org]
On Behalf Of Rob Whalen
Sent: Tuesday, December 06, 2005 2:29 PM
To: UNIversity Security Operations Group
Subject: Re: [unisog] File protection in a Windows Environment


jkerr at business.buffalo.edu <mailto:jkerr at business.buffalo.edu>  wrote: 


  We are evaluating solutions for protecting the confidentiality of
electronic files / documents.  Our Employee Relations area is concerned
about making sure that no one can view their files, including technical
staff.  We are a "Microsoft shop" both on the desktop and servers.

  Are there any recommendations for a solution?  How do you handle this or
similar situations? 

Joe Kerr 
University at Buffalo 



unisog mailing list
unisog at lists.sans.org <mailto:unisog at lists.sans.org> 

This is a simple one. Just encrypt the HR shared folder and only give the
password to the appropriate personnel.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/unisog/attachments/20051206/306bcaaf/attachment.htm

More information about the unisog mailing list