Access Rights
It is entirely possible for all
users to view any part of the server or network they so choose. This
immediately raises a red flag, because this is a massive security hazard. On
the whole, employees can be trusted, however there is always the odd one or
two that can't be. So, measures must be taken against this small minority
who can cause considerable damage, through file deletion and/or theft. It is
possible to carry this out by denying all users from accessing sensitive
parts of the network. This can include drives, folders and individual files.
Also, users can have access denied to devices like printers that may be used
to print sensitive material.
Various operating systems use
different methods for repealing and giving rights.
File Management
File management is also a very
important part of maintaining security and integrity on the network. There
are several areas where this concept can be applied.
User's Home Areas
Besides protecting the overall
system, each user also requires security for their files. This is an area
that ought not to be overlooked, users are just as important as any other
aspect of the organisation. When users are given a login, it is important to
ensure that they are given their own private area of the server in which to
store their files, called a home directory. Permissions should then be
applied to the folder as above, in order to protect users files from any all
other users on the system. This will maintain privacy, and will prevent
unauthorised access, modification or deletion of users personal and
important files.
Version Control
One of the great benefits of IT
is the ease of sharing files. However, if users are working from different
applications like MS Word and Lotus Word Pro, then compatibility issues are
introduced. In this case, operations will be at best cumbersome and at worst
unworkable. Conversation between the two formats is possible, however, users
with basic skills, will not possess the know-how to make such conversions,
therefore disrupting the network's smooth operation. Also, it is important
to ensure that the organisation's application packages are consistent in
terms of their version or release. For example, Word97 will be unable to
open files created in Word2000, and again integrity is compromised and
disorder introduced.
Read Only
Deleting important files can
bring down an entire system. Granted, this is not possible in a
client/server network, because any administrator worth his salt will have
prevented access to any portion of the hard disk drive containing system
files etc. by employing permissions and so on. However, the suggestion is
still a worthwhile one, because users may well be using a peer-to-peer
network or a standalone machine. Enabling the read only attribute, can
prevent files from being deleted and will maintain the integrity and
security of the system.
To do this, right-click the file
in question, select properties from the pop-up menu. On the screen that
appears, ensure that the general tab is selected, and then click in the
Read-only checkbox.
Hidden Files
Besides making files read-only
it is also possible to hide them from view. Even if the user opens the
folder containing the files, they cannot be seen. This technique is widely
used as a default setting for important operating system files at
installation. Files like msdos.sys and IO.sys, which are crucial to the
system, are hidden, and thus cannot be manipulated or deleted. |
