[unisog] - data tool

Chris Green cmgreen at uab.edu
Mon May 11 15:35:30 GMT 2009


You can build ACLs that the administrator cannot read (but then you have to properly manage backup operators) but you cannot prevent them from taking ownership (but you can audit the event).

We've not used it this part of the product but PGP NetShare (http://www.pgp.com/products/netshare/) addresses this issue.

> -----Original Message-----
> From: unisog-bounces at lists.dshield.org [mailto:unisog-
> bounces at lists.dshield.org] On Behalf Of Christoph Sprongl
> Sent: Friday, May 08, 2009 1:55 AM
> To: unisog at sans.org
> Subject: [unisog] - data tool
> 
> Hi,
> 
> looking for a tool either encryption or good ACLs unfortunatly for a
> Microsoft env., to make sure that only a specific group can share
> documents.
> Objective is that a sysadmin is really not able to look into the data.
> 
> TrueCrypt encrypts containers, only one person can access the data.
>  FreeOTFE does have problems if data got accessed parallel -> data corrupt.
> 
> Any ideas more than welcome!
> 
> christoph
> 
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> https://lists.sans.org/mailman/listinfo/unisog



More information about the unisog mailing list