Considering SB1386 guidelines in the state of California, adding a password would be a Very Good Idea anyway. I highly recommended that be introduced as a process change to our HR department when dealing with temporary agencies, in case anything was ever sent in plaintext that included SSNs during one of our Personal Information reviews a couple of years ago.
On 2/22/08 2:35 PM, "Louis, Joe" <[EMAIL PROTECTED]> wrote: > We use Excel routing for such things. Forwards via email as the user closes > the document. You could always add a password to the xls to keep people > honest. Also, Ok27 has some features that it should like you are looking for. > > From: Joe Heaton [mailto:[EMAIL PROTECTED] > Sent: Friday, February 22, 2008 3:22 PM > To: NT System Admin Issues > Subject: Handling of confidential files > > I need some alternatives to a specific process. The process in question is > timesheets. Our timesheets are Excel spreadsheets, which are processed as > follows: > > 1) All timesheets are located in the user's home folder. At the end of the > month, the user goes in, updates for the current month, copies a .jpg of their > signature onto the current month's sheet, and forwards the timesheet to their > manager via e-mail attachment. > 2) The manager opens the timesheets for their employees, verifies it, and > copies a .jpg of their signature onto the current month's sheet, and forwards > the timesheets to a specific admin employee, via e-mail attachments. > 3) The admin employee takes the attachments, and copies them into a folder on > a server, from which the timesheets are then "processed" and sent to another > agency, to be further processed for paycheck issuance. > > > My question to my boss, is why can't we just have the managers move the > timesheets for their employees into the folder on the server, instead of > e-mailing them a second time. In fact, we could have all processing done > within that folder to begin with, without having to e-mail the files anywhere. > > The issue that comes up, is how to prevent someone from another department > from opening someone else's timesheet. The big concern there is that the > timesheets not only contain .jpgs of people's signatures, but also contain > SSNs. > > My thought is to set permissions on the folder so that people can place files > there, but not be able to open them once they are there. Is that possible > with NTFS rights? I will do research on it, but I'm hoping that someone has > already run into this type of issue and has an answer already. > > Thanks, > > Joe Heaton > AISA > Employment Training Panel > 1100 J Street, 4th Floor > Sacramento, CA 95814 > (916) 327-5276 > [EMAIL PROTECTED] > > > > > > > > > > > ----- > Salvador Manzo [ 620 W. 35th St - Los Angeles, CA 90089 e. [EMAIL > PROTECTED] ] > Auxiliary Services IT, Datacenter > University of Southern California > 818-612-5112 > An avidity to punish is always dangerous to liberty. It leads men to stretch, > to misinterpret, and to misapply even the best of laws. He that would make his > own liberty secure must guard even his enemy from oppression; for if he > violates this duty he establishes a precedent that will reach to himself. > Thomas Paine, "Dissertation on First Principles of Government" ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
