Ideally, you wouldn't put the SS# in these spreadsheets at all, but
rather use an employee ID of some sort.
Linda
Tim Evans wrote:
Actually, the newer versions of Excel (2003 & 2007) have pretty good
encryption routines for the spreadsheet itself. VBA protection sucks. Of
course, you have to choose a good password for it to do any good.
...Tim
-----Original Message-----
From: Matt Plahtinsky [mailto:[EMAIL PROTECTED]
Sent: Friday, February 22, 2008 5:10 PM
To: NT System Admin Issues
Subject: Re: Handling of confidential files
Ss# and email = ss# getting owned.
Password protected .xls is like wep on wireless. Its only going to
stop casual snoop. My boss had me break a .xls password last week.
Took less than 30 seconds to break.
Matt
On 2/22/08, Durf <[EMAIL PROTECTED]> wrote:
You want a "drop" folder:
http://technet2.microsoft.com/windowsserver/en/library/86987829-3f74-
412f-abb8-c8b22b07257d1033.mspx?mfr=true
-- Durf
On Fri, Feb 22, 2008 at 3:21 PM, Joe Heaton <[EMAIL PROTECTED]>
wrote:
I need some alternatives to a specific process. The process in
question
is timesheets. Our timesheets are Excel spreadsheets, which are
processed
as follows:
1) All timesheets are located in the user's home folder. At the
end of
the month, the user goes in, updates for the current month, copies
a .jpg
of
their signature onto the current month's sheet, and forwards the
timesheet
to their manager via e-mail attachment.
2) The manager opens the timesheets for their employees, verifies
it, and
copies a .jpg of their signature onto the current month's sheet,
and
forwards the timesheets to a specific admin employee, via e-mail
attachments.
3) The admin employee takes the attachments, and copies them into
a folder on a server, from which the timesheets are then
"processed" and
sent to another agency, to be further processed for paycheck
issuance.
My question to my boss, is why can't we just have the managers
move
the
timesheets for their employees into the folder on the server,
instead of
e-mailing them a second time. In fact, we could have all
processing done
within that folder to begin with, without having to e-mail the
files
anywhere.
The issue that comes up, is how to prevent someone from another
department
from opening someone else's timesheet. The big concern there is
that the
timesheets not only contain .jpgs of people's signatures, but also
contain
SSNs.
My thought is to set permissions on the folder so that people can
place
files there, but not be able to open them once they are there. Is
that
possible with NTFS rights? I will do research on it, but I'm
hoping that
someone has already run into this type of issue and has an answer
already.
Thanks,
Joe Heaton
AISA
Employment Training Panel
1100 J Street, 4th Floor
Sacramento, CA 95814
(916) 327-5276
[EMAIL PROTECTED]
--
--------------
Give a man a fish, and he'll eat for a day.
Give a fish a man, and he'll eat for weeks!
~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~
~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
--
Sent from Gmail for mobile | mobile.google.com
~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~
~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~
~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~
~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
