michaelnatale2008

folder encryption / auditing

We have a need (like everyone else in MA) to provide disk encryption and access auditing to be in compliance with 201 CMR by 3.1.2010.

Our needs are modest:

-We have servers w/direct attached storage serving up files/shares to the company.  We have a need to encrypt data in *some* of the folders, but not all.  Ideally this all should be fairly invisible to the authorized users who access the data stored in these folders/shares.

-We need to be able to then create an audit log of access for those encrypted folders that we archive weekly or monthly or whatever and store somewhere in case we need it or get audited.  I'm guessing there's some 3rd party stuff we can install somewhere.

I'm looking for suggestions here.  I've looked at TrueCrypt already but it seems like (from what I've read) there might be issues with trying to do folder level encryption and then sharing it across a network.

imadimad

Hi,
I think that if you use a Windows server as a file server you will be able to encrypt the drives, files and files as you wish from Properties > Advanced, then encrypt them.
To make the shared folders invisible to unauthorised users, Microsoft has added a new feature to Windows 2003 that is called Windows Server 2003 Access-based Enumeration: http://www.microsoft.com/downloads/details.aspx?FamilyId=04A563D9-78D9-4342-A485-B030AC442084&displaylang=en
Lastly, for auditing, you may use the Event Viewer to record the log events for any folder or drive you wish.
Regards,
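
One way to set up the Event Log auditing suggested in the answer above and archive it as a text file, shown as an added example that is not from any poster in this thread. It assumes Windows Server 2008 or later with PowerShell, run elevated on the file server; the folder and archive paths are placeholders.

```powershell
# Added example. $Folder and $Archive are placeholder paths, not from the thread.
$Folder  = 'D:\Shares\Restricted'
$Archive = 'E:\AuditArchive'

# 1. Turn on object-access auditing for the file system (success and failure).
auditpol /set /subcategory:"File System" /success:enable /failure:enable

# 2. Add an audit rule (SACL entry) to this one folder only. It is inherited by
#    the files and subfolders beneath it; other shares are left untouched.
$ruleArgs = 'Everyone', 'ReadData, WriteData, AppendData, Delete',
            'ContainerInherit, ObjectInherit', 'None', 'Success, Failure'
$rule = New-Object System.Security.AccessControl.FileSystemAuditRule -ArgumentList $ruleArgs
$acl  = Get-Acl -Path $Folder -Audit
$acl.AddAuditRule($rule)
Set-Acl -Path $Folder -AclObject $acl

# 3. Pull the last 7 days of event 4663 ("An attempt was made to access an
#    object") from the Security log and keep only records under $Folder.
$since  = (Get-Date).AddDays(-7)
$filter = @{ LogName = 'Security'; Id = 4663; StartTime = $since }
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

$rows = foreach ($e in $events) {
    # Flatten the named <Data> fields of the event into a hashtable.
    $data = @{}
    foreach ($n in ([xml]$e.ToXml()).Event.EventData.Data) { $data[$n.Name] = $n.'#text' }

    $path = $data['ObjectName']
    if ($path -eq $Folder -or $path -like "$Folder\*") {
        New-Object PSObject -Property @{
            Time       = $e.TimeCreated
            User       = '{0}\{1}' -f $data['SubjectDomainName'], $data['SubjectUserName']
            Object     = $path
            AccessMask = $data['AccessMask']
            Process    = $data['ProcessName']
        }
    }
}

# 4. Write one dated CSV per run into the archive folder.
if ($rows) {
    $out = Join-Path $Archive ('access-{0:yyyyMMdd}.csv' -f (Get-Date))
    $rows | Select-Object Time, User, Object, AccessMask, Process |
        Export-Csv -Path $out -NoTypeInformation
}
```

Steps 1 and 2 are one-time setup; steps 3 and 4 can be saved as a script and run weekly from Task Scheduler. The Security log must be sized to hold more than one interval of events, or older records are overwritten before they are exported.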

michaelnatale2008

ASKER

I should have said:

-servers could be Win2008

-Windows EFS was examined and discarded as an option (not by me) so I'm thinking of 3rd party encryption solutions.

As for auditing, I think we need an ongoing, hands-off way of logging and archiving access (copies, opens, delete, etc) for authorized users that can get piped to a text file (or other logging facility) and get archived off automatically.

Not sure the Event Log would be the right fit there.
ASKER CERTIFIED SOLUTION
lucius_the
@lucius

We are trying to avoid having to create a new partition.  Basically we have a folder that is shared already (not encrypted).  It is part of an existing raid group (array is full, no room for expansion).  We want to use that same folder/share for workflow reasons, encrypt/audit it for compliance reasons, but leave the rest of the folders alone.  Can TrueCrypt do this?

Yes, with TrueCrypt you can make a file container, of any size. There is some for NTFS volumes, but yes, you can make a file container and put it somewhere where there is space, on any partition. What's important is that you are not sharing this file; you mount the contents of that file to a new, sort of, virtual drive, and on that drive you share folders and files.

It's a small package, you can try it without even installing, you just need the exe. Try and see if it works for you: http://www.truecrypt.org/.

I use it daily to secure my source code, never had an issue with it. BUT I never tried sharing something in it...

Thanks, I'll give it a shot and report back.