Just wondering how most people go about securing their important data from sabotage. I watch over an office of about 30 workstations and almost everyone has access to almost everything (about 80 GBs worth of data on the server). It has to be full access for just about everyone because they all need to create, edit, delete, the whole shabang, in just about every subdirectory. The file server is running win2003 server enterprise ed. and setup as a domain controller. I am doing rotational backups on 15 external hdds (2 backups per drive). I have installed Undelete on the server so that all deletions from workstations are caught in a recovery bin. As far as I can see, I still have one security hole.....If someone wanted to do some sabotage, they could open up files, clear the data and save as the same file name. It wouldn't be a deletion, therfore it would not get caught in the recovery bin. If these files went unnoticed for 6 weeks, the backup would be overwritten and the files would be lost forever.
Any ideas of how to get around this?
Thanks in advance