avalon_india
asked on
File Encryption in 2003 server
Situation :
I want to encrypt some files.
Theses files are shared among some AD users
If the files are copied outside domain it should not be usable.
(means, for example, if a user copy the files into his laptop which is not part of the AD, then the files must deny access to it)
I want to encrypt some files.
Theses files are shared among some AD users
If the files are copied outside domain it should not be usable.
(means, for example, if a user copy the files into his laptop which is not part of the AD, then the files must deny access to it)
ASKER
but crokeefe28, truecrypt encrypts the folder/files that is true, but what I want is that if the user copies the file and use it in another system, then it should not work.
thank you.
thank you.
This actually looks like it may fit into something that you would be looking for:
http://www.cryptzone.com/prod_securedef2.asp
I think to accomplish what you are looking for you may have to take a layered approach. Combination of DLP (Data Loss Prevention) and WDE (Whole Disk Encryption). The main problem that you may face is the Key Management piece. You probably want users to be able to access the files that they need if they are authorized, which would fall under the DLP policies and would likely carry a local copy of the Key Management to allow them to do so. Those that are not authorized, you could block totally. Regardless, if you are not performing WDE on the client, then if a user has the rights to take data, and if they are compromised, the intruder could take any information because that user has the appropriate authority to do so. Let me know what you think. If it does not work for you, then I will keep researching.....Sorry for misunderstanding you yesterday.
Cheers
http://www.cryptzone.com/prod_securedef2.asp
I think to accomplish what you are looking for you may have to take a layered approach. Combination of DLP (Data Loss Prevention) and WDE (Whole Disk Encryption). The main problem that you may face is the Key Management piece. You probably want users to be able to access the files that they need if they are authorized, which would fall under the DLP policies and would likely carry a local copy of the Key Management to allow them to do so. Those that are not authorized, you could block totally. Regardless, if you are not performing WDE on the client, then if a user has the rights to take data, and if they are compromised, the intruder could take any information because that user has the appropriate authority to do so. Let me know what you think. If it does not work for you, then I will keep researching.....Sorry for misunderstanding you yesterday.
Cheers
ASKER
Dear crokeefe28
Thank you for your reply.
I checked the site you said. and already requested a free trial and waiting for their response.
I will try to simplify my needs.
I am part of a software company.
We have to share some very important files among about 5-9 peoples in our domain.
They are allowed to view/modify them as normal.
What we need is, if somebody takes the hdd outside domain and connect it as slave or if the data files are copied into their own usb/external hdd and try it in a system outside our domain then, it should not work. Is it possible?
Thank you.
Thank you for your reply.
I checked the site you said. and already requested a free trial and waiting for their response.
I will try to simplify my needs.
I am part of a software company.
We have to share some very important files among about 5-9 peoples in our domain.
They are allowed to view/modify them as normal.
What we need is, if somebody takes the hdd outside domain and connect it as slave or if the data files are copied into their own usb/external hdd and try it in a system outside our domain then, it should not work. Is it possible?
Thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.truecrypt.org/