Solved

Need Folder Password

Posted on 2013-06-13
6
231 Views
Last Modified: 2013-06-20
I know you cannot add a password to a standard folder without a third part program. In the past I've simply used 7zip archive utility to add a password to my zip folder.

However I'm now in a business environment, that is requiring a folder to be encrypted with a password. 7zip is too complicated for normal users, because you can't simply drag and drop files into the zip, because you have to manually re-archive it every time for the new files to inherit the encryption and password.

Is there a free easy way to accomplish adding a password to a folder? I don't mind adding a zip folder, but as long as you can drag and drop the files into there without having to re-archive it every time.
0
Comment
Question by:Pancake_Effect
6 Comments
 
LVL 23

Assisted Solution

by:tailoreddigital
tailoreddigital earned 125 total points
Comment Utility
You could use TrueCrypt to create an encrypted folder.   It's very secure and doesn't require re-archiving.   You can drag and drop in a Truecrypt archive and Truecrypt is free.

http://www.truecrypt.org/
0
 
LVL 4

Author Comment

by:Pancake_Effect
Comment Utility
I thought about that too, however it requires a third part program to open it (which is truecrypt). We're quite big, and just to push out a program like this to the users just for a single department will probably be a no go, especially since it will require a bit of work on the virtual machines.

Where as when I was using 7zip, I usually just saved it in a zip format, and never had issues with the other sites using my zips. But again the main problem with that, is that you have to re-archive it, and I can't expect the users to remember to do that every time. Works okay for IT, but not they everyday users.
0
 
LVL 78

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 250 total points
Comment Utility
use ntfs file permissions as that is what it was designed for.. If a user doesn't have access then they can do nothing in that folder.  Otherwise you need digital rights management software which adds another layer of complexity to the equation.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 76

Assisted Solution

by:arnold
arnold earned 125 total points
Comment Utility
The management of access will become a complexity that you may not want, I.e. create local users on the system and grant them access to this folder. As long as the password for the local user is different than the password of the domain user, the user will be prompted for a password.
I.e.
Domain user username1 then you have a local user username1
This type of setup limits scalability and makes migration more complex as someone has to mantain the user info while at the same time the local user passwords will remain set never changing and there is nothing preventing from password sharing.

Ntfs access +auditing on the share provides you a record of who accessed the file and what was done to it.
Using a document management system might be a consideration you should evaluate.
Many provide versioning control.
0
 
LVL 4

Author Comment

by:Pancake_Effect
Comment Utility
The main reasoning I have for this would be because I need the same protection as something HIPPA and PHI would require. For example if a manager needs a report that contains PHI, and needs a place to save it on the share drive, limiting access to only those who need it via NTFS will suffice? I figured you would need a encrypted folder. I can't figure out would other places would do, I wonder if NTFS and auditing suffices under the eyes of something like HIPPA?
0
 
LVL 78

Accepted Solution

by:
David Johnson, CD, MVP earned 250 total points
Comment Utility
You need a policy document that states who has access to this folder, auditing of file access (security logs), and periodic checks of the ntfs file permissions  and audit logs (as set in the policy document) to ensure that they haven't been changed.. Encrypting the volume/drive is sufficient.

Encryption of data in transit
Encryption of data at rest
Access control by username and password
Written Contingency Plan
Encryption of data during backup
Local and offsite Storage of Backup
Physical Security Policy

Bitlocker is FIPS 140-2 Compliant (Windows 7 and above)
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution! This article guides you through accessing and editing a registry of a non-primary drive. To read registry information on a non-prim…
When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now