folder encryption / auditing

Posted on 2009-12-28
Last Modified: 2013-12-06
We have a need (like everyone else in MA) to provide disk encryption and access auditing to be in compliance with 201 CMR by 3.1.2010.

Our needs are modest:

-We have servers w/direct attached storage serving up files/shares to the company.  We have a need to encrypt data in *some* of the folders, but not all.  Ideally this all should be fairly invisible to the authorized users who access the data stored in these folders/shares.

-We need to be able to then create an audit log of access for those encrypted folders that we archive weekly or monthly or whatever and store somewhere in case we need it or get audited.  Im guessing theres some 3rd party stuff we can install somewhere.

Im looking for suggestions here.  I've looked at TrueCrypt already but it seems like (from what I've read) there might be issues with trying to do folder level encryption and then sharing it across a network.
Question by:michaelnatale2008
    LVL 4

    Expert Comment

    I think that if you use a Windows server as a file server you will be able to encrypt the drives, files and files as you wish from Properties>Advance  then encrypt them.
    To make the shard folders invisible to unauthorised users Microsoft has added a new feature to Windows 2003 that is called Windows Server 2003 Access-based Enumeration  
    At last for auditing; you may use the event viewer to record the log events for any folder or drive you wish.

    Author Comment

    I should have said:

    -servers could be Win2008

    -Windows EFS was examined and discarded as an option (not by me) so I'm thinking of 3rd party encryption solultions.

    As for auditing, I think we need an ongoing, hands off way of logging and archiving access (copies, opens, delete, etc) for authorized users that can get piped to a text file (or other logging facility) and get archived off automatically.

    Not sure the Event Log would be the right fit there.
    LVL 10

    Accepted Solution

    Why did you discard TrueCrypt ? You can make a container that is formatted in NTFS, that means sharing is not an issue (permissions, etc). Only you have to make sure the drive gets mounted on boot. I think this is doable wihout much problems with TrueCrypt. Especially if it's an encrypted partinion.

    The other part - auditing and logging, that relies on the server and NTFS capabilities. These are possibly expandable, but not dependent on the encryption software. Have a look at this question about file access logging on EE:

    Author Comment


    We are trying to avoid having to create a new partition.  Basically we have a folder that is shared already (not encrypted).  It is part of an existing raid group (array is full, no room for expansion).  We want to use that same folder/share for workflow reasons, encrypt/audit it for compliance reasons, but leave the rest of the folders alone.  Can TrueCrypt do this?
    LVL 10

    Expert Comment

    Yes, with TrueCrypt you can make a file container, of any size. There is some for NTFS volumes, but yes, you can make a file container and put it somewhere where there is space, on any partition. What's important is that you are not sharing this file, you mount the contents on that file to a new, sort of, virtual drive, and on that drive you share folders and files.

    It's a small package, you can try it without even installing, you just need the exe. Try and see if it works for you:

    I use it daily to secure my source code, never had an issue with it. BUT I never tried sharing something in it...

    Author Comment

    Thanks, I'll give it a shot and report back.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Join & Write a Comment

    Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
    Explore the encryption capabilities built into Google Apps and how these features can help you meet privacy policy and regulatory compliance, but are not a full solution. Understand and compare the most popular email encryption services for Google A…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    730 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now