Solved

File security on a netword shared drive

Posted on 2006-06-22
9
585 Views
Last Modified: 2010-04-11
I am using a Ximeta net disk, which is an ethernet attached drive in a shared environment. The drive appears as a local drive letter on all the machines that use it. It contains sensitive data shared among three users.  I am concerned that if the drive gets stolen that someone could connect it via USB and have full access to the drive.  Is there a way to add a security setting in XP Pro that would render the drive useless to anyone who found it?

0
Comment
Question by:klichcfp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 5

Accepted Solution

by:
kevinf40 earned 125 total points
ID: 16960204
EFS encryption should be able to do what you require.

it works with usb drives and you could add your users to the list of users who can access the data

are you in a workgroup environment? if so this document should help you set it up:

http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/efsxppro.mspx

cheers

Kevin
0
 
LVL 32

Expert Comment

by:r-k
ID: 16964561
Be sure to read the section on Data Recovery before using EFS.

Another option often recommended here is Truecrypt: http://www.truecrypt.org/
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 16973817
Yes, TrueCrypt or another 3rd party is required. EFS only works on NTFS formatted media, a USB drive may support NTFS, but USB memory probably won't. USB devices can store the EFS keys, no problem, but not likely support EFS data. When EFS encrypted data is copied to non-ntfs media, it's unencrypted automatically, or it's attempted to be unencrypted if the keys are present.
-rich
0
Are You Ransomware's Next Victim?

Worried about ransomware attacks hitting your organization?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with WatchGuard Total Security!

 
LVL 5

Expert Comment

by:kevinf40
ID: 16976888
Rich - according to the documentation the netdisk comes formatted with ntfs by default.

If the drive were encrypted with EFS and then stolen, unless the thief also had access to the keys (which would enable them to encrypt the data whatever system was used) then they would not easily be able to un-encrypt the data - unless I've missed something in which case I apologise.

Third party apps will likely offer more features and flexibility so I'd agree it would be worth klichcfp evaluating more than one option.

cheers

Kevin
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 16977398
I figured there were usb drives that allowed NTFS, good to know. They keys would be kept on the PC by default, unless exported. In order for the USB drive storing the EFS data to be used on a seperate pc, the keys would have to be supplied, as EFS is PKI based, not password based. TrueCrypt is password based, and usable on many platforms like Linux/Windows. You can achieve the same sort of result with compression software like 7zip, winZip, winrar etc... most support strong hash's like AES, BlowFish etc... and are password based.
-rich
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 17160860
I think truecrypt is a good choice for one user at a time. (Using it myself, dropped drivecrypt for it)

I'm not sure that you can mount a volume by these three users concurrently.

EFS and ntfs requires proper certificate management, change your passwort and your EFS access is void.

also see:

http://support.microsoft.com/?kbid=890951&SD=tech
http://seclists.org/lists/security-basics/2006/Jul/0133.html



Tolomir
0
 
LVL 5

Expert Comment

by:kevinf40
ID: 17164045
Tolomir - I'd say a split between the four respondants would probably be fair as we all added something
0
 

Author Comment

by:klichcfp
ID: 17167119
Sorry I did not intend to abandon thquestion, I got distracted by some other priorities.  Thanks for the good advice. I will investigate EFS. i am using Cryptainer for my backups as it is, but I dont think it will permit multiple simultaneous connections.
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question