RE: Data encryption in Windows Server 2003

Author
27 Sep 2008 4:20 PM
Anteaus
I think it first needs to be clarified as to what purpose the encryption will
serve. If all users have access, clearly it does not hide sensitive data from
ordinary users.

If the concern is that of the fileserver or its disks being stolen, you can
install Truecrypt, and have this mount an encrypted volume as a server
drive letter. You can then share this volume (or subfolders of it) on the LAN.
This will appear transparently as an ordinary share to users, who will not
see the encryption.

If the server is powered down and rebooted, it will then be necessary
to re-supply the password or key at the server console to re-open the share.
No key, no access - and unlike ordinary passwords, very difficult to bypass.

This would in principle meet the requirement of 'data being encrypted' on
the server, though whether it would meet specific confidentiality
requirements... you would have to evaluate.

http://www.truecrypt.org

"Charles" wrote:

> I have a requirement to encrypt all the user data on our fileserver.
> The user data, however, needs to be accessible by multiple users. What
> I want to do is for any user to be able to save a file and for this
> file to be saved in an encrypted format, however I want all users to
> be able to open this file as well.  From what I gather, by using EFS,
> this can't be done unless I am willing to go into every file and make
> it readable by all the users. I don't seem to be able to say, on a
> directory basis, encrypt all files within the directory, but make all
> files readable by all users.
>
> Am I doing something wrong? If I can't use EFS to do this, is there
> any other product that I could use?
>
> Thanks
>

Author
8 Oct 2008 8:25 AM
Charles
On Sep 27, 5:20 pm, Anteaus <Ante***@discussions.microsoft.com> wrote:
> I think it first needs to be clarified as to what purpose the encryption will
> serve. If all users have access, clearly it does not hide sensitive data from
> ordinary users.
>
> If the concern is that of the fileserver or its disks being stolen, you can
> install Truecrypt, and have this mount an encrypted volume as a server
> drive letter. You can then share this volume (or subfolders of it) on the LAN.
> This will appear transparently as an ordinary share to users, who will not
> see the encryption.
>
> If the server is powered down and rebooted, it will then be necessary
> to re-supply the password or key at the server console to re-open the share.
> No key, no access - and unlike ordinary passwords, very difficult to bypass.
>
> This would in principle meet the requirement of 'data being encrypted' on
> the server, though whether it would meet specific confidentiality
> requirements... you would have to evaluate.
>
> http://www.truecrypt.org
>
> "Charles" wrote:
> > I have a requirement to encrypt all the user data on our fileserver.
> > The user data, however, needs to be accessible by multiple users. What
> > I want to do is for any user to be able to save a file and for this
> > file to be saved in an encrypted format, however I want all users to
> > be able to open this file as well.  From what I gather, by using EFS,
> > this can't be done unless I am willing to go into every file and make
> > it readable by all the users. I don't seem to be able to say, on a
> > directory basis, encrypt all files within the directory, but make all
> > files readable by all users.
>
> > Am I doing something wrong? If I can't use EFS to do this, is there
> > any other product that I could use?
>
> > Thanks

Thanks for this. I will try out Truecrypt. It certainly looks to be
able to do what we need.