Protect data on ntwrk srvr from Admins

Account Information

Reset password

An email has been sent to you with instructions on how to reset your password.

Back to TechRepublic

Welcome to TechRepublic!

By registering, you agree to the Terms of Use and acknowledge the data practices outlined in the Privacy Policy.

You will also receive a complimentary subscription to TechRepublic's News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time.

Username must be unique. Password must be a minimum of 6 characters and have any 3 of the 4 items: a number (0 through 9), a special character (such as !, $, #, %), an uppercase character (A through Z) or a lowercase (a through z) character (no spaces).

General discussion

Creator

Topic
May 2, 2003 at 4:57 am #2307166

Protect data on ntwrk srvr from Admins

Locked

by sheesh beesh · about 19 years ago

Hello,

One of our sites deals with very sensitive data, consisting of files and a SQL database. They want to be able to protect this data so ONLY certain users (which does not include the domain admin) can access it. What type of solution can be implemented on this network server to make protected data available to all users at this site, but protect it from access/forced entry from everyone else (including domain admins).

Your help is greatly appreciated.

This conversation is currently closed to new comments.
Creator

Topic

All Comments

Author

Replies
- May 2, 2003 at 6:29 am #3520321
  
  Protect data on ntwrk srvr from Admins
  
  by timwalsh · about 19 years ago
  
  In reply to Protect data on ntwrk srvr from Admins
  
  As long as you are using ONLY permissions to control access, the bottom line is that the domain administrator has the ability to get at ANYTHING he chooses to access.
  
  You can set permissions so that an administrator does not have access. However, if the administrator decides he wants access, all he has to do is take ownership of the files and change permissions to allow himself access.
  
  Your only choice will be some sort of third-party file encryption solution and provide the decryptionkey to only those people who need access.
  
  Being a network administrator, I will now put in a plug for all network administrators. By trying to find a solution to TOTALLY deny a network administrator access to certain data/files, you are tying his hands in his ability to solve problems when they occur.
  
  The network administrator position is usually one of special trust, because he normally does have the “keys to the kingdom” as far as data residing on network servers. If the administrator is ethical and trustworthy, merely removing his permission to access files will prevent any inadvertent access. His ethics and honesty will prevent his getting curious to the point of peeking. If you have reason to distrust the network administrator, you shouldn’t leave him in that position. My two cents worth!
  - May 8, 2003 at 3:30 am #3358977
    
    Protect data on ntwrk srvr from Admins
    
    by sheesh beesh · about 19 years ago
    
    In reply to Protect data on ntwrk srvr from Admins
    
    Thanks. Sorry I did not specify third Party Soultion. I need to find out how I can do this w/o ms.
- May 2, 2003 at 6:53 am #3520315
  
  Protect data on ntwrk srvr from Admins
  
  by sheesh beesh · about 19 years ago
  
  In reply to Protect data on ntwrk srvr from Admins
  
  Just to Clarify, I am aware that this is impossible using just windows security and permissions. I need some sort of 3rd party solution… but what? Smart cards? I dunno.
- May 2, 2003 at 8:22 am #3520290
  
  Protect data on ntwrk srvr from Admins
  
  by bcbvale · about 19 years ago
  
  In reply to Protect data on ntwrk srvr from Admins
  
  If you remove DOMAIN ADMINS from the ADMINISTRATORS group on the local machine they will not be able to access that machine.
  
  You can also remove any other accounts, domain or otherwise, that you do not want to be able to log on and add the ones that you do want to allow access.
  
  This does work as we use it for sensitive servers in our environment often.
  
  ChrisV
  - May 8, 2003 at 3:30 am #3358978
    
    Protect data on ntwrk srvr from Admins
    
    by sheesh beesh · about 19 years ago
    
    In reply to Protect data on ntwrk srvr from Admins
    
    Thanks for your reply, I still need to manage the server, just certain data on it, I want to secure from everyone else but users at the site.
- May 12, 2003 at 8:12 am #3356922
  
  Protect data on ntwrk srvr from Admins
  
  by sheesh beesh · about 19 years ago
  
  In reply to Protect data on ntwrk srvr from Admins
  
  This question was closed by the author
Author

Replies

Viewing 3 reply threads

Recruiting an Operations Research Analyst with the right combination of technical expertise and experience will require a comprehensive screening process. This Hiring Kit provides an adjustable framework your business can use to find, recruit and ultimately hire the right person for the job.This hiring kit from TechRepublic Premium includes a job description, sample interview questions ...

The digital transformation required by implementing the industrial Internet of Things (IIoT) is a radical change from business as usual. This quick glossary of 30 terms and concepts relating to IIoT will help you get a handle on what IIoT is and what it can do for your business.. From the glossary’s introduction: While the ...

Procuring software packages for an organization is a complicated process that involves more than just technological knowledge. There are financial and support aspects to consider, proof of concepts to evaluate and vendor negotiations to handle. Navigating through the details of an RFP alone can be challenging, so use TechRepublic Premium’s Software Procurement Policy to establish ...

Security

General discussion