AllanBentsen
asked on
Protection of files and HD
Hi
Is it possible to secure a hardisk, so only selected users may read/access it, or if the hardisk is put in another computer !
The reason is some files are very sensitive and should not fall into the wrong hands :-))
TIA
Is it possible to secure a hardisk, so only selected users may read/access it, or if the hardisk is put in another computer !
The reason is some files are very sensitive and should not fall into the wrong hands :-))
TIA
PGP is also a good option www.pgp.com , i prefer it over efs on win2k due to a bad experience with efs ( dont ask)
pgp is also stronger then efs & alot more user freindly & plugs into email as well as straight data encryption..
pgp is also stronger then efs & alot more user freindly & plugs into email as well as straight data encryption..
ASKER
These are very interesting solutions.
I'll try messing about with both, and i'll get back 2 U.
Thanx
I'll try messing about with both, and i'll get back 2 U.
Thanx
Hey there beware when using EFS, if you have windows 2000 or xp, it is enough for you to upgrade your hard-drive to NTFS and to remove access to all but yourself.
I wouldnt advise PGP, since NTFS has a built-in security there is no need to use a third party tool.
Regards,
I wouldnt advise PGP, since NTFS has a built-in security there is no need to use a third party tool.
Regards,
Akhater: you have more chance of mucking up your recovery certs rather then forgetting your pass phrase.
pgp is also free for non commercial use
pgp is also free for non commercial use
i never said that he should use EFS, but only NTFS permissions, all he wants to do is to restrict access to his files not to encrypt them NTFS permission will be more than enough for this, further more it is transparent to the user and there is no need to enter a password each time you want to open a file.
ASKER
Actually, I want to control wich files, on the disk, are available to individual users.
Even though someone moves the disk to another PC.
I know for sure that this is a very tricky problem, and may not be solved without a third-party tool :-)
Thanx anyway. I keep investigating the information U all have provided. :-)
Even though someone moves the disk to another PC.
I know for sure that this is a very tricky problem, and may not be solved without a third-party tool :-)
Thanx anyway. I keep investigating the information U all have provided. :-)
The hard disk changes pcs? is all the pcs where it goes win 2000 are u the administator of those pcs?
Allan,
As the others have said EFS is your only choice if you are wishing to stop access even if the drive is moved from pc to pc.
This is only available in Win2k and WinXP.
Before you use it make sure you test it on non secure and backed up data. Cos if you make a mistake no one can get into it .
NTFS will stop user access whilst the drive is in the machine.
EFS will stop user access regardless of the drives location.
As the others have said EFS is your only choice if you are wishing to stop access even if the drive is moved from pc to pc.
This is only available in Win2k and WinXP.
Before you use it make sure you test it on non secure and backed up data. Cos if you make a mistake no one can get into it .
NTFS will stop user access whilst the drive is in the machine.
EFS will stop user access regardless of the drives location.
yes EFS will stop access to data in either hard disks, but you are forgetting that he wants to control who is accessing the files not stop access... please Allen clarify what you want and do answer the following questions
The hard disk changes pcs? is all the pcs where it goes win 2000 are u the administator of those pcs?
The hard disk changes pcs? is all the pcs where it goes win 2000 are u the administator of those pcs?
two solutions that I know are VERY good and VERY secure.
try SecureDoc from winmagic
or try Safeboot from ControlBreak intl.
Both are hard drive encryption tools with pre boot authentication. Witch means that none of the Microsoft security flaws can be exploited and even if you put the drive into another machine, it's unreadable.
Both also provide a file encryption tool so that users sharing a machine can encrypt selected files for themselfs only.
Forget about EFS. It sucks. It's only DES and it's only usable in an active directory environment.
try SecureDoc from winmagic
or try Safeboot from ControlBreak intl.
Both are hard drive encryption tools with pre boot authentication. Witch means that none of the Microsoft security flaws can be exploited and even if you put the drive into another machine, it's unreadable.
Both also provide a file encryption tool so that users sharing a machine can encrypt selected files for themselfs only.
Forget about EFS. It sucks. It's only DES and it's only usable in an active directory environment.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
AllanBentsen:
This old question needs to be finalized -- accept an answer, split points, or get a refund. For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations! No comment means you don't care.
This old question needs to be finalized -- accept an answer, split points, or get a refund. For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations! No comment means you don't care.
But if you put this hard disk into another computer then these restrictions can be replaced by the administrator of this computer. To be sure that nobody can access your data you can encrypt the content of your hard disk. Windows 2000 and XP have EFS (encrypted file system) which allows to encrypt some folders or your complete hard disk.
There are also some third party tools for encrypting hard disk data.