Need Folder Password

I know you cannot add a password to a standard folder without a third part program. In the past I've simply used 7zip archive utility to add a password to my zip folder.

However I'm now in a business environment, that is requiring a folder to be encrypted with a password. 7zip is too complicated for normal users, because you can't simply drag and drop files into the zip, because you have to manually re-archive it every time for the new files to inherit the encryption and password.

Is there a free easy way to accomplish adding a password to a folder? I don't mind adding a zip folder, but as long as you can drag and drop the files into there without having to re-archive it every time.
LVL 4
Pancake_EffectAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

 
tailoreddigitalCommented:
You could use TrueCrypt to create an encrypted folder.   It's very secure and doesn't require re-archiving.   You can drag and drop in a Truecrypt archive and Truecrypt is free.

http://www.truecrypt.org/
0
 
Pancake_EffectAuthor Commented:
I thought about that too, however it requires a third part program to open it (which is truecrypt). We're quite big, and just to push out a program like this to the users just for a single department will probably be a no go, especially since it will require a bit of work on the virtual machines.

Where as when I was using 7zip, I usually just saved it in a zip format, and never had issues with the other sites using my zips. But again the main problem with that, is that you have to re-archive it, and I can't expect the users to remember to do that every time. Works okay for IT, but not they everyday users.
0
 
David Johnson, CD, MVPOwnerCommented:
use ntfs file permissions as that is what it was designed for.. If a user doesn't have access then they can do nothing in that folder.  Otherwise you need digital rights management software which adds another layer of complexity to the equation.
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

 
arnoldCommented:
The management of access will become a complexity that you may not want, I.e. create local users on the system and grant them access to this folder. As long as the password for the local user is different than the password of the domain user, the user will be prompted for a password.
I.e.
Domain user username1 then you have a local user username1
This type of setup limits scalability and makes migration more complex as someone has to mantain the user info while at the same time the local user passwords will remain set never changing and there is nothing preventing from password sharing.

Ntfs access +auditing on the share provides you a record of who accessed the file and what was done to it.
Using a document management system might be a consideration you should evaluate.
Many provide versioning control.
0
 
Pancake_EffectAuthor Commented:
The main reasoning I have for this would be because I need the same protection as something HIPPA and PHI would require. For example if a manager needs a report that contains PHI, and needs a place to save it on the share drive, limiting access to only those who need it via NTFS will suffice? I figured you would need a encrypted folder. I can't figure out would other places would do, I wonder if NTFS and auditing suffices under the eyes of something like HIPPA?
0
 
David Johnson, CD, MVPOwnerCommented:
You need a policy document that states who has access to this folder, auditing of file access (security logs), and periodic checks of the ntfs file permissions  and audit logs (as set in the policy document) to ensure that they haven't been changed.. Encrypting the volume/drive is sufficient.

Encryption of data in transit
Encryption of data at rest
Access control by username and password
Written Contingency Plan
Encryption of data during backup
Local and offsite Storage of Backup
Physical Security Policy

Bitlocker is FIPS 140-2 Compliant (Windows 7 and above)
0

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.