RE: File and email Security

From: Uidam, T (Tim) (Tim.Uidam@SYD.RABOBANK.COM)
Date: 08/10/01

Message-ID: <307505342056D31199A100508B55407D062D7A96@SYD1001032>
From: "Uidam, T (Tim)" <Tim.Uidam@SYD.RABOBANK.COM>
To: "'Todd Schubert'" <>, "''" <>
Subject: RE: File and email Security
Date: Fri, 10 Aug 2001 08:12:16 +0800

This may be difficult to achieve, especially if the directory is required to
be backed up regularly. Normally, the backup software would run as a
service, and that service would need priveliges to access that directory...

The focus of this list being MS, I am presuming that we're talking an
NT/2000 domain?
This means that the account that the backup uses would possiblyuse it's own
domain account... And someone would have to have set that up... That same
someone would then know the password it uses. Immediately your CEO's
documents can be compromised by an admin using this account.
The same goes for Exchange.
Even if _only_ the CEO knows the password for these service accounts, any
admin can copy the SAM, and brute-force the account passwords if he/she's
serious enough.

I personally cannot think of a completely "Admin-proof" solution for your
CEO. Others on this list may be able to do better.

*PERHAPS* a compromise is to have the CEO archive his confidential documents
to a password protected ZIP file, with a password greater than 8
alphanumeric & special characters. I believe ZIP encryption is fairly good,
and it may take quite a considerable amount of days to brute-force the

Alternatively, you may suggest that the CEO use PGP File encryption on the
individual files/archives/directories, etc...

I have no experience with Win2k's EFS. Can anyone else suggest if this is a
good solution?


-----Original Message-----
From: Todd Schubert []
Sent: Thursday, 9 August 2001 4:30
Subject: File and email Security

I have an interesting problem that I am hoping someone out there can help me
with. Basically what it boils down to is that we need to store files on our
server and emails on our exchange server that only the CEO can access and
that the network admins can't access without the CEO knowing. Permissions
don't seem to be a solution because they can be changed by the admins and
the logs can then be falsified to hide the changes. Has anyone encoutered
something similiar to this or have any ideas on how to get around this??

This e-mail and any attachments may contain confidential, privileged or
proprietary information. If you are not the intended recipient, please
notify the sender immediately by return e-mail, delete this e-mail (with any
attachments) and destroy any copies. Any dissemination or use of this
information by a person other than the intended recipient is unauthorized
and may be illegal.

De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en
de afzender direct te informeren door het bericht te retourneren.
The information contained in this message may be confidential
and is intended to be exclusively for the addressee. Should you
receive this message unintentionally, please do not use the contents
herein and notify the sender immediately by return e-mail.