Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Encrypt shared folder

Posted on 2014-04-30
13
Medium Priority
?
1,530 Views
Last Modified: 2014-06-07
I'm trying to find a simple solution to encrypt a drive/folder on a MS 2008 R2 server. (The root folder and it's contents are the only data on the drive).

Ideally I would like the users to be prompted for a password whenever they try to access that encrypted network share. (The encryption is for compliance purposes).

I tried BitLocker on a test drive I shared out, set up a password - But I'm not being asked for a password when opening the test file. I went into the local group policy and enabled everything I had to.

Is there a step I'm missing? or another program I can use?
0
Comment
Question by:RISLA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 3
13 Comments
 
LVL 30

Expert Comment

by:serialband
ID: 40032812
I haven't tried bitlocker yet, but the other whole drive encryption schemes (truecrypt, filevault) I've used only password protect the drive when you first attempt to mount it.  You don't have to enter a password after it's been unencrypted for mounting.
0
 

Author Comment

by:RISLA
ID: 40032831
Thanks serialband, I'll try TrueCrypt. Do you know how backups would behave trying to access a truecrypt drive?
0
 
LVL 30

Expert Comment

by:serialband
ID: 40033830
Once you enter the password, the drive is decrypted for mounting and it should behave as a normal drive.  I suspect that bitlocker would work the same way.
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 

Author Comment

by:RISLA
ID: 40034351
Just so I'm clear:

It's normal behavior for all users to access the shared drive and it's contents without being asked for a password; If I have already entered the password on the server itself?

I encrypted the test drive (5GB with a text document shared out), entered the password to mount it to a new drive letter on the server. Now whenever someone accesses that share they're not asked for a password. Is this normal?

Thanks for bearing with me, I've never had to encrypt a network share before.
0
 
LVL 30

Accepted Solution

by:
serialband earned 2000 total points
ID: 40034942
Yes.  You only need to enter the password to mount the encrypted share.  Once it's mounted, it is accessible to everyone.  You're supposed to use ACLs to prevent network access.

Disk encryption is mainly designed to protect laptop users from data theft in addition to physical theft.  It could also protect against illegal LEO access when your equipment is confiscated.  It's not designed to protect against network access.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 40040945
Encryption is not right here.
Please describe your scenario. In other words, why wouldn't NTFS permissions (the standard solution) suffice?
0
 

Author Comment

by:RISLA
ID: 40081890
It is to comply with SOC1, SOC2 and GLBA.
0
 

Author Comment

by:RISLA
ID: 40081895
Thank you. I finally implemented it on the production LUN and it was transparent to the users.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 40082034
What did you implement and why is my comment chosen as solution?
0
 

Author Comment

by:RISLA
ID: 40085303
I meant to select serialband. Not sure there's a way to correct this, maybe a moderator will see this.

I wound up using bitlocker.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 40089314
You will have to contact the mods if serial band should get the points. I wonder why you did not respond to my question. I am sure that encryption does not help you.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question