|Subject:||Re: new permissions question|
|Posted by:||Frankster (Fra…@SPAM2TRASH.com)|
|Date:||Tue, 28 Apr 2009|
> THe office owners want me to lock the data all down
What you are facing is "physical security". Probably the 1st defense is
physical security. This is because, when you have physical access to a
machine you can circumvent virtually all file-based security measures. This
is why you will find Servers in "Server Rooms" and/or "Data Centers" and not
under a user's desk, in enterprise installations.
I think you're gonna have to explain to the "owners" the "physical security"
threat. And that for items where you can't have total physical security
(i.e. workstations - and even servers sometimes) you're gonna need a written
"Security Policy". A Security Policy with potential termination as a
consequence of ignoring or circumventing the "rules".
Just my opinion.
new permissions question posted by Kim K on Tue, 28 Apr 2009