Solved

File encryption from PC to Server for 3 users without changing modified date

Posted on 2006-06-30
7
411 Views
Last Modified: 2010-04-11
I have 3 accounting users that have roughly 5000 files in 69 sub folders all in One folder on a network share. I have permissions and security set up that will only allow those 3 into the folders or any files. All files are password protected. Now, I need to be able to allow those 3 people to encrypt and decrypt these files as needed. I am currently using SiFEU for encryption. This modifies the file, and thus changes the date modified on each file. I have been told that this is totally uncacceptable. What are my other options to allow these 3 to encrypt the data without changing the modified date on each file.
0
Comment
Question by:sscottincanyon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 30

Expert Comment

by:callrs
ID: 17021785
Workarounds:
- Change date back through shell extension, script, or utilities made for the task (Google for : file "change date")
- Program to revert a drive to its previous state. e.g. http://www.deepfreeze.com.au/ 
0
 
LVL 57

Expert Comment

by:giltjr
ID: 17021792
Do the file need to be encrypted on the server?  Or do they just need to be encrypted as they get tranfered over the network?

I modifing the files a seprate process from encrypting them?  I would assume that the only type they need to be encrypted is after they have been modifed.  If I need to view the file, I can decrypt it, but the originaly encrypted file stays unmodified.
0
 
LVL 2

Author Comment

by:sscottincanyon
ID: 17025193
I have a backup and have restored the files with the original dates. I guess, what I really need is a way for these 3 users to be able to put encyrpted files on a network share without changing the modified date. What about using a sytem that just uses a certificate on each pc. Would something like that work? If so, what, and how?
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 57

Expert Comment

by:giltjr
ID: 17028461
I not sure what you want to accomplish with a certficate on each PC.  How are they encrypting it now?

I would assume that they are encrypting it from their desktops and I would also assume that their procedure is to do it right after they save.

What type of files are they?  What are your requirements for encryption.
0
 
LVL 2

Author Comment

by:sscottincanyon
ID: 17030599
Let me back up a bit. They currently are not encrypting. We have recently been able to convince them of the need to do so. These are payroll, 401k, etc files. Currently, there is no encryption. I encrypted all files, which changed the last modified date. The accounting department agrees that they need to be encrypted, but they must be encrypted without changing the last modified date. For some reason, they use the last modified date to search for files they have been working on. If I encrypt all files, all modified dates change and they don't know what they worked on yesterday, versus last week. Basicallyk, they want absolute security and absolute ease of use. In fact, they don't like having to encrypt and decrypt, they would rather a file auto decrypt when they access it and auto encrypt when they save it.
0
 
LVL 6

Accepted Solution

by:
e_vanheel earned 250 total points
ID: 17030814
If you encrypt you ARE changing the file from a non-encrypted format to a encrypted format.  You might find someone who can create a script to keep the existing time-stamp for the 1 time conversion.

Are you running on a Windows server?  If so, could you create a new folder and setup encryption on the folder.  When the users create a new document, or edit an existing document  have the store them in the new folder.  That should cover the encryption on the server (Storage)

As far as encryption on the wire (Network), you should look at a form of IPSEC (assuming you are using TCP/IP).  If you are running Windows server 2000+ you can create a CA for free.  Or you can purchase certificates from Verisign or Thawte.   Once you have certificates installed you can force the 3 computers to use IPSEC.
0
 
LVL 2

Author Comment

by:sscottincanyon
ID: 17091666
I am going to close this as I have not gotten a resolution. I appreciate all of the help. I honestly believe the problem lies in the fact that my user simply want something that is not possible. They want me to encrypt all files and subfolders in a folder without changing the "modified date". They simply don't understand that in encrypting, the files, are in fact, being modified. As not to be seen as unfair to those who have tried to help, namely e_vanheel, I am going to award the points as what you have suggested will actually work. The part that doesn't function properly is the part that is between the keyboard and the chair. Again, I appreciate the help, keep up the good work.
0

Featured Post

IoT Devices - Fast, Cheap or Secure…Pick Two

The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Make the most of your online learning experience.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question