Paul, I don't believe the Apache server has sftp configured. There is a web application built already that is set to severely limit access to these files. My guess is they would have to rebuild that back end to make it happen. But, that's a good idea and if the security team pushes I will suggest that as an option.
Eric On Tue, Sep 6, 2016 at 11:31 AM, Maglinger, Paul <[email protected]> wrote: > Can you use sftp to transfer the files? > > > > -Paul > > > > *From:* [email protected] [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Eric Wittersheim > *Sent:* Tuesday, September 06, 2016 11:19 AM > *To:* [email protected] > *Subject:* [NTSysADM] EFS and Temporary files > > > > I have a project that is in a highly secured environment and is governed > by our PCI policies. The project will allow a user to log into a locked > down Hyper V VM that is running Windows 2012 R2 server and open IE 11 to > download WAV files from a second Apache server on the local subnet. The > download directory has been redirected to a folder that is encrypted using > EFS so all files are encrypted as well. Once the project time frame is > complete the downloads are deleted with evidence provided that the files > are removed. We can't securely erase the hard drives because multiple > projects will be running at the same time. So it has been determined that > a deleted file that was encrypted meets the security team requirements. > > > > What my main concern is the actual download process of the file. I > believe the file might be going to a temp folder in the users profile > folder unencrypted before being copied over by the OS to the EFS encrypted > folder. Thus leaving those unencrypted bits on the hard drive. At this > point I don't know of any way of getting around this problem. > > > > 1. Has anyone successfully used EFS on the users iNetCache (or IE temp > directory)? > > 2. Does anyone have any ideas on how to do this differently? > > > > > > Thank you in advance for any pointers, > > > > Eric > > > > > > >
