Thanks to Ronni and Chris for good info, and an Exchange solution. As for the other respondents, next Thursday is Thanksgiving...look out you turkeys!
Regards, Orin Orin Rehorst Port of Houston Authority (Largest U.S. port in foreign tonnage) e-mail: [EMAIL PROTECTED] Phone: (713)670-2443 Fax: (713)670-2457 TOPAS web site: <www.homestead.com/topas/topas.html> -----Original Message----- From: Smith, Ronni [mailto:[EMAIL PROTECTED]] Sent: Friday, November 22, 2002 10:53 AM To: Exchange Discussions Subject: RE: Absolute file protection Use public folders with permissions set so that only the approved users can access the folders and only the service account can change access? Use a separate server to host these public folders and use a different account for the service account than any other account on your network giving the password only to one of the approved users. Get a separate backup program (and tape drive) for it and make one of the users who is supposed to have access responsible for keeping the media changed and locked up. Get ready to find a new job when something goes wrong and none of these super important documents can be accessed again. This still doesn't stop your users from copying the files to somewhere else either. And still leaves you vulnerable to physical access issues although you can probably set a bios password on the server to prevent boot from floppy or cd and again only give the password to the trusted user. Or lock it in a cage with some form of lock only the trusted users can open. Ronni ********************************* My toys! My toys! I can't do this job without my toys! --------------------------------- > -----Original Message----- > From: Orin Rehorst [mailto:[EMAIL PROTECTED]] > Sent: Friday, November 22, 2002 8:30 AM > To: Exchange Discussions > Subject: OT: Absolute file protection > > > Am I missing any options? > > Objective: set up server folder / storage area for access by > specified users > only (no admin access allowed) in the NT / WIN2K server environment. > > Options, from worst to best: > > > * Set up a folder with access allowed for specified users > only. This > will not work in our environment because the admins for the > domain can take > ownership of any folder. > * Set up a separate server and domain with the specified users the > only admins. The specified users would have to maintain the > domain (and > server). Also, with physical access to the server, > knowledgeable people with > enough time and effort could access the separate server and domain. > * Use the password options of Word, Excel and other applications. > There are software packages that can crack into these files. > * Share a folder on the PC of one of the specified users. > Anyone on > the LAN with enough knowledge, time, and effort could hack > into a shared > folder. > * Use available software packages to make files in a > folder encrypted. > Knowledgeable people with enough time and effort could compromise such > files. > * Store the files on an offsite third party system. It > could be made > difficult for anyone beyond the specified users to know that > this type of > storage arrangement had even been set up. Admins of the third > party may be > able to access the information. > > > Regards, > Orin > > Orin Rehorst > Port of Houston Authority > (Largest U.S. port in foreign tonnage) > e-mail: [EMAIL PROTECTED] > Phone: (713)670-2443 > Fax: (713)670-2457 > TOPAS web site: <www.homestead.com/topas/topas.html> > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
