We prevent computer problems
The iPad Hype: Much Ado About Nothing?
Apple Computers (yes, that is what it originally was) recently announced a new iPhone-like mobile computing device called the iPad. Unless you live in the most remote of Islands, I'm sure that is all you've heard or read about in the past week. As neat as many of its features are, it is still missing a lot. As with anything made by Apple, the hype get to you. While the tablet form factor has b...
Astaro Releases Free Edition for Small Businesses
Astaro Corporation, a leading network security vendor, recently announced the launch of the Essential Firewall edition of its flagship security solution Astaro Security Gateway (ASG), available for free to all organizations worldwide. The Essential Firewall edition is claimed to include all the necessary functionality that all organizations need to secure their networks and operate a successful bu...
Software Vendors Encourage Security Lapses
I am now convinced that computer software vendors, knowingly or otherwise, help perpetuate insecure computer practices. They do this by the ridiculous practice of pushing out updates through executable files which ninety-eight percent of the time will get blocked by the security software we encourage users to install on their systems. You get a notification that an update is available, and you cli...

Understanding Windows Permissions

Posted By: Daniel on July 30, 2009 in Operating Systems, Security, Small Business, Storage, Windows - Comments: No Comments »

Microsoft Windows is arguably the most widely used server system for small businesses. In terms of file storage, most small business environments use Windows. In this article, we will explore how Windows implements permissions on file systems.

To safeguard against data theft, it is important that small business owners have an idea or understanding of who has access to sensitive data. Most Operating Systems have built-in complex sets of permission settings that can be applied through group memberships, explicit deny or allow permissions, and inherited permissions. But who actually has access to your sensitive data?

With Microsoft Windows, when users create files and folders, an owner is assigned to the created object. With this assignment, the owner has two permissions: Read and Write. What this means is that even if someone later assigns an explicit deny rule to that file or folder, the owner still has the Read and Write permission. This is because the implicit rights granted by the owner attribute has precedence over other permissions. The security implication of this is that if a user is set as the owner of a folder and their effective permissions allows them to browse, they can grant other rights to see items in the folder and below.

To avoid this, it is important to make sure that users are not granted owner permissions to folders containing sensitive data. The owner attribute should be set to an administrative group. That way, only privileged accounts can change file and folder permissions.

Post to Twitter Tweet This Post

Leave a Reply

Spam Protection by WP-SpamFree

Powered by 7feeds

Categories

Recent Posts

Blogroll

Archives

Tech Prognosis Blog
© 2010 Tech Prognosis. All Rights Reserved | Designed By Appchain