Solved

Encrypt shared folder

Posted on 2014-04-30
13
1,405 Views
Last Modified: 2014-06-07
I'm trying to find a simple solution to encrypt a drive/folder on a MS 2008 R2 server. (The root folder and it's contents are the only data on the drive).

Ideally I would like the users to be prompted for a password whenever they try to access that encrypted network share. (The encryption is for compliance purposes).

I tried BitLocker on a test drive I shared out, set up a password - But I'm not being asked for a password when opening the test file. I went into the local group policy and enabled everything I had to.

Is there a step I'm missing? or another program I can use?
0
Comment
Question by:RISLA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 3
13 Comments
 
LVL 29

Expert Comment

by:serialband
ID: 40032812
I haven't tried bitlocker yet, but the other whole drive encryption schemes (truecrypt, filevault) I've used only password protect the drive when you first attempt to mount it.  You don't have to enter a password after it's been unencrypted for mounting.
0
 

Author Comment

by:RISLA
ID: 40032831
Thanks serialband, I'll try TrueCrypt. Do you know how backups would behave trying to access a truecrypt drive?
0
 
LVL 29

Expert Comment

by:serialband
ID: 40033830
Once you enter the password, the drive is decrypted for mounting and it should behave as a normal drive.  I suspect that bitlocker would work the same way.
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 

Author Comment

by:RISLA
ID: 40034351
Just so I'm clear:

It's normal behavior for all users to access the shared drive and it's contents without being asked for a password; If I have already entered the password on the server itself?

I encrypted the test drive (5GB with a text document shared out), entered the password to mount it to a new drive letter on the server. Now whenever someone accesses that share they're not asked for a password. Is this normal?

Thanks for bearing with me, I've never had to encrypt a network share before.
0
 
LVL 29

Accepted Solution

by:
serialband earned 500 total points
ID: 40034942
Yes.  You only need to enter the password to mount the encrypted share.  Once it's mounted, it is accessible to everyone.  You're supposed to use ACLs to prevent network access.

Disk encryption is mainly designed to protect laptop users from data theft in addition to physical theft.  It could also protect against illegal LEO access when your equipment is confiscated.  It's not designed to protect against network access.
0
 
LVL 55

Expert Comment

by:McKnife
ID: 40040945
Encryption is not right here.
Please describe your scenario. In other words, why wouldn't NTFS permissions (the standard solution) suffice?
0
 

Author Comment

by:RISLA
ID: 40081890
It is to comply with SOC1, SOC2 and GLBA.
0
 

Author Comment

by:RISLA
ID: 40081895
Thank you. I finally implemented it on the production LUN and it was transparent to the users.
0
 
LVL 55

Expert Comment

by:McKnife
ID: 40082034
What did you implement and why is my comment chosen as solution?
0
 

Author Comment

by:RISLA
ID: 40085303
I meant to select serialband. Not sure there's a way to correct this, maybe a moderator will see this.

I wound up using bitlocker.
0
 
LVL 55

Expert Comment

by:McKnife
ID: 40089314
You will have to contact the mods if serial band should get the points. I wonder why you did not respond to my question. I am sure that encryption does not help you.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question