Re: security products



Hi,

Securing files on a single machine with access control and/or
encryption is one thing but, the data reaching to its user through
network is being over looked. The data in shared folder, even if its
password protected would flow in clear text through the network. So an
employee eavesdropping on the network can retrieve the files. So,
having encryption on the source machine is good idea plus I would
suggest to have a VPN configured between the machines in question. The
VPN tunnel would do the rest of the work of securing the data flow
through the network and it would work transparently to the user as the
file would still be accessed using shared folders.

Another not so attractive method that I just got in mind is to have an
encrypted Truecrypt volume on the source machine and then mount that
volume directly on the users machine, thus it would be decrypted only
at the destination machine. The only drawback is that only one user
can access the volume at a time.

Regards,

On Wed, Feb 18, 2009 at 10:42 PM, Juan Pablo Macias <jpmacias@xxxxxxxxx> wrote:

Hi everybody.

A friend asked for my advice, so now i ask the experts. He has a
windows network with many shared excel files. Some of them have
sensitive information, information about his clients, but all of them
are required to be shared. Each share is password protected. He is
worried that, for example, one of his employees takes an important
file from the shared network and sells it.

Is there a way, in this scenario, to control who can access what? or
to avoid copying files away from the shared pc, or to allow to make
changes, but not to copy the file to another location? A possible
solution would be to password protect or encrypt the files, but i
don't think it would be be feasible it talking about some hundred
files. Is there software that already takes care or this?

In the long term, my suggestion would be to put all excel files into a
formal database and implement access control there, maybe even a web
application.

What are your suggestions?

Thanks in advance.

Juan Pablo

--
To follow the path,
look to the master,
follow the master,
walk with the master,
see through the master,
become the master



--
("Computers have a strange habit of doing what you say, not what you
mean." - SANS Top 25 Most Dangerous Programming Errors)

Shreyas Zare
Co-Founder, Technitium
eMail: shreyas@xxxxxxxxxxxxxx

..::< The Technitium Team >::..
Visit us at www.technitium.com
Contact us at theteam@xxxxxxxxxxxxxx

Join Sci-Tech News group and get the latest science & technology news
in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news
to join.



Relevant Pages

  • Re: Mshome is not accessible
    ... Browser: Unable to determine master for network \device\1: 2 ... Unable to get Master: The system cannot find the file specified. ... Master browser name is: HOM200OF002 ... Decided to uninstall Norton Internet Security 2007. ...
    (microsoft.public.windowsxp.network_web)
  • Re: OT By a mile in parts comments on Viet Nam
    ... check bank accouts etc etc whilst away but is safe to do so over wireless and using the hotel network.. ... you should regard your connection as insecure and use some ... form of encryption to protect your passwords and privacy. ... My recommendation would be to set up a VPN endpoint in the UK that you ...
    (uk.comp.sys.mac)
  • Re: OT By a mile in parts comments on Viet Nam
    ... compared with the risks already inherent in the average hotel network. ... you should regard your connection as insecure and use some ... form of encryption to protect your passwords and privacy. ... My recommendation would be to set up a VPN endpoint in the UK that you ...
    (uk.comp.sys.mac)
  • Re: Setting Up Network Security
    ... I have two computers able to access the network through MAC Filter ... how can I secure the wireless network more? ... I want to set the encryption to WPA2 - PSK with AES (I know the PSK is ...
    (microsoft.public.windowsxp.network_web)
  • Re: Securing an Ad Hoc Network
    ... The data encryption is set to WEP, however from what I am reading this is a vulnerable method. ... Is there any way for me to enhance the security of these two units and still remain wireless? ... Perhaps make the network itself invisible? ... I don't know what wireless network adapters actually support ...
    (microsoft.public.windowsxp.network_web)