Solved

prevent Users to store Client information residing on the “C” drive of company laptops

Posted on 2014-04-04
7
327 Views
Last Modified: 2014-04-10
most of our users do exactly that: they leave Client-and company information on the “C” drive of our company laptops.
which are the measures how i can prevent them of doing that?
0
Comment
Question by:DukewillNukem
  • 4
  • 3
7 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 39977658
To point out the most important thing first: since the hard drive needs to be writable, it cannot be completely prevented. However, you can easily stop the creation of folders on the root of c: by modifying ACLs of c:, so that users can only write into their profile. Inside the profile, you can also modify ACLs for folders like the desktop accordingly and set those to read-only.

If you need further instructions, just say.
0
 

Author Comment

by:DukewillNukem
ID: 39977789
well,those are good points you mention.but how do i do implement this on 600 laptops? by GPO?
but also,we have to prevent users completely from storing data on the HD.
could that be done by redirection GPO?
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 39977798
"completely" cannot be done, sorry.
Setting ACLs via GPO is easily done: https://library.netapp.com/ecmdocs/ECMP1196993/html/GUID-A8D101D3-729F-4299-A591-4AC55A5DD12E.html describes it.
Please test thoroughly before deployment.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Author Comment

by:DukewillNukem
ID: 39977827
well ok,not completely of course.users must not store client or business data on any computer. but thats already a good starting point. thank you
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39977872
Also for you: please respect the ee guidelines. If an answer does not fully satisfy you, give experts a chance to improve their answers before accepting it and downgrading it.
The guidelines say "excellent" should be chosen unless answers lack information or are unprecise or otherwise unsatisfactory :)
0
 

Author Comment

by:DukewillNukem
ID: 39991583
im still not fully satisfied with that solution because i dont have anything i can show our management.
an idea is,to encrypt the C: drive,but that doesnt prevent users to store data there.
s,what else could be done except to publish a policy not doing it?
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39991913
The drive needs to remain writable by processes started by the user. That's why it can NOT be done completely.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
OnPage: Incident management and secure messaging on your smartphone
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question