Solved

Securing Company Data From Sabotage

Posted on 2006-06-26
Last Modified: 2008-03-03
Hi all,

Just wondering how most people go about securing their important data from sabotage.  I watch over an office of about 30 workstations and almost everyone has access to almost everything (about 80 GBs worth of data on the server).  It has to be full access for just about everyone because they all need to create, edit, delete, the whole shebang, in just about every subdirectory.  The file server is running win2003 server enterprise ed. and set up as a domain controller.  I am doing rotational backups on 15 external hdds (2 backups per drive).  I have installed Undelete on the server so that all deletions from workstations are caught in a recovery bin.  As far as I can see, I still have one security hole... If someone wanted to do some sabotage, they could open up files, clear the data and save as the same file name.  It wouldn't be a deletion, therefore it would not get caught in the recovery bin.  If these files went unnoticed for 6 weeks, the backup would be overwritten and the files would be lost forever.

Any ideas of how to get around this?

Thanks in advance
Question by:1bigboomstick
10 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 16989345
Is your company under any type of government or industry regulation?

Daily/Weekly/Monthly audit reports.  Reading the data and verifying that it is within defined limits.

There is nothing you can do other than this.  Even if you only had 2 employees and 1 file.  If one of them wanted to sabotage the data, they could do it.  It could be seconds, minutes, hours, days, weeks, months before somebody notices.

Do they really need to change the files?  If so, then you should look into some type of logging function.  What type of files are they?
0
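One form the periodic audit report suggested above can take for files of any type, written as an added example that is not from the original thread: snapshot each file's size and SHA-256, then compare snapshots and report files that kept their name but were emptied or lost most of their content. The function names, the 50% shrink threshold and the sample `.dwg` names are assumptions.

```python
import hashlib
import os
import tempfile

def build_manifest(root):
    """Map each file's path (relative to root) to (size, sha256 hex)."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            size = os.path.getsize(full)
            manifest[os.path.relpath(full, root)] = (size, digest.hexdigest())
    return manifest

def audit(previous, current, shrink_ratio=0.5):
    """Compare two manifests and return sorted (path, finding) pairs."""
    # shrink_ratio is an assumed threshold: losing more than this fraction
    # of a file's size under the same name is reported for review.
    findings = []
    for path, (old_size, old_hash) in previous.items():
        if path not in current:
            findings.append((path, "missing"))
            continue
        new_size, new_hash = current[path]
        if new_hash == old_hash:
            continue
        if new_size == 0 and old_size > 0:
            findings.append((path, "emptied"))
        elif new_size < old_size * (1 - shrink_ratio):
            findings.append((path, "shrunk"))
    return sorted(findings)

def demo():
    """Constructed sample share: one file emptied, one edited, one removed."""
    with tempfile.TemporaryDirectory() as share:
        for name, size in (("site.dwg", 4000), ("plan.dwg", 6000), ("lot.dwg", 5000)):
            with open(os.path.join(share, name), "wb") as fh:
                fh.write(os.urandom(size))
        before = build_manifest(share)
        open(os.path.join(share, "site.dwg"), "wb").close()  # same name, no data
        with open(os.path.join(share, "plan.dwg"), "ab") as fh:  # ordinary edit
            fh.write(b"more geometry")
        os.remove(os.path.join(share, "lot.dwg"))
        return audit(before, build_manifest(share))
```

Run nightly against the share and keep the previous manifest off the file server, so that the report cannot be edited by the same accounts that can edit the data.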
 
LVL 1

Author Comment

by:1bigboomstick
ID: 16989512
Company is not under any regulation.

How do I set up audit reports?

Yes they do need to change the files; and they are mostly .dwg files from AutoCAD and MicroSurvey files.  Drawings are constantly being created and modified by different employees.
0
 
LVL 5

Accepted Solution

by:
VortexAdmin earned 43 total points
ID: 16989551
You should have longer back up periods than 6 weeks, even if just for legal reasons.  What if an employee leaves the company then sues them over something and data is evidence, you can only go back 6 weeks.  A lawyer can't even file a brief in 6 weeks.  You should have a full backup tape from the end of the month taken offsite and stored, or at least end of the quarter.  Costs are minimal and if you really had to go back to find something from last year, you'll have it.

As for sabotage specifically, that's what all the content management software is for that everyone's getting into these days.  I've researched and tested some for some attorney clients but I could see its value for any client.  By using the server (software) when an employee opens up a file, it records who opened it, what time they opened it, size of file, all kinds of details. You can have versioning so even if employee A changes a file, it'll keep the copy employee B made and the original, etc.  It's almost endless what it can track as long as your server and software budget is endless too.

The biggest downsides are costs and training.  The packages I've seen are expensive but most are component built meaning you can get some functions and leave out others you don't need (i.e., tracking in Exchange, but not anything else, etc.)  I know there's other software that's cheaper and does similar things, perhaps on a smaller scale that would fit your needs.  Start here: http://www.hummingbird.com/products/docsopen/index.html

Hummingbird bought PCDOCS which was one of the most popular packages for law firms and they've expanded to cover more than just the legal industry.  Learn what it does and what you need then look around for a solution that's a better fit for your company and within your budget.  

Good luck!
0
LVL 57

Expert Comment

by:giltjr
ID: 16989567
Umm.  Well, the dwg files are graphic files, so there is no real audit report.  I am not sure about the MicroSurvey files.  I was thinking of text type files or databases.

What do you do for disaster recovery?  Ever hear of tape?  I would suggest some type of tape backup (multiple tapes) that you keep longer and keep it offsite, this way you can recover from almost anything.

Do daily tape backups and keep them for say 14 days onsite and do a weekly and keep for 8 weeks offsite and then also do a monthly and keep offsite for a year. You may miss some revisions, but you could go back a year to get something.  If you have a major disaster, then you can go back at most 1 week to recover everything.

If you need to recover documents more recent than one week, then you need to send daily backups offsite.  Instead of tape, you could use offsite DASD and do file transfers daily.
0
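The daily/weekly/monthly schedule in the comment above, modelled as an added example (not from the original thread) to show how far back a silently overwritten file stays recoverable compared with the question's flat six-week rotation. Treating Friday as the weekly backup and the 1st as the monthly backup is an assumption, as are the function names.

```python
from datetime import date, timedelta

# Retention tiers from the schedule above: (label, days kept, selector).
# Which day counts as the weekly or monthly backup is an assumption.
TIERS = [
    ("daily", 14, lambda d: True),
    ("weekly", 8 * 7, lambda d: d.weekday() == 4),   # assumed: Friday
    ("monthly", 365, lambda d: d.day == 1),          # assumed: 1st of the month
]

# The rotation described in the question: every backup overwritten after 6 weeks.
SIX_WEEK_ROTATION = [("rotation", 42, lambda d: True)]

def retained(today, tiers=TIERS):
    """Return {backup_date: tier} for every nightly backup still on hand."""
    kept = {}
    longest = max(days for _label, days, _selector in tiers)
    for age in range(1, longest + 1):
        day = today - timedelta(days=age)
        for label, keep_days, selector in tiers:
            if age <= keep_days and selector(day):
                kept.setdefault(day, label)
    return kept

def last_good_copy(tampered_on, noticed_on, tiers=TIERS):
    """Newest retained backup taken before the file was overwritten, or None."""
    good = [d for d in retained(noticed_on, tiers) if d < tampered_on]
    return max(good) if good else None

if __name__ == "__main__":
    # Constructed scenario: file gutted on 1 March, noticed on 26 June.
    print(last_good_copy(date(2006, 3, 1), date(2006, 6, 26)))
    print(last_good_copy(date(2006, 3, 1), date(2006, 6, 26), SIX_WEEK_ROTATION))
```

In the constructed scenario the tiered schedule still holds the 1 February monthly copy, so edits made during February are lost but the file is not; the flat rotation holds nothing from before the overwrite.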
 
LVL 7

Expert Comment

by:Okigire
ID: 16993074
Just a couple of ideas...
 - backups are great, and perhaps you can have two backup schedules: one weekly(?), and one monthly... so you have a comprehensive short-term backup, as well as longer-term "master" backups.
 - logs are also good... if you log everything a user does, not that you need it, but if something happens you can at least investigate what happened.
0
 
LVL 1

Assisted Solution

by:BooneSaysHi
BooneSaysHi earned 41 total points
ID: 17005678
Since you are using Win2003 server you could set up the Volume Shadow Copy Service on the network shares that these files are located in.  This service copies the file deltas any time a file is modified. The service checks for file changes on a set schedule but in the example provided this would prevent the sabotage in the short term.  If the VSCS service was allocated enough storage space the file version history would go back several months.  Also you would need to implement monthly and weekly backups into your rotation as the previous posters have pointed out.
0
 
LVL 12

Assisted Solution

by:GinEric
GinEric earned 41 total points
ID: 17009212
You really need some form of Versioning software with file locks.

If you go take a read and see how CVS [Concurrent Versioning System] does exactly what you're trying to accomplish, you'll find out that CVS makes copies of all changes, right up to the current ones, and therefore deletion is impossible.

The idea is easily transportable from the way the software world uses it to the ways it can be used in the other worlds, data, data entry, etc.

The important thing is file locks when you don't want some spurious user to overwrite a file and thus cause its deletion, intentional or by mistake.

In the CVS Repository system, even if the file is zeroed out and overwritten, all copies are never discarded, and, it keeps track of every change, in fact, it is by keeping track of the changes that it also saves space.

At least a look into the idea may provide you with a direction toward a better solution than simply backups.

Not that much really changes, even for large projects, and backing up 80 GB every night is sort of like replaying the same 20 movies over and over again, every day, when only one scene or program changes from day to day.  A differential system, akin to CVS, saves the changes, which barely amount to 1 GB, if that, over a day's work.
0
