Login
Button
About Us
Testimonials
Products and Services
Free Website Scan
Marketing Packages
Enterprise Solutions
Marketing
Digital Presence - Churches
Case Studies
Events
Contact Us
Blog
Stay Informed
Blog
Blog
Data Access Governance Best Practices - Part 2 of 2
File Server Permissions
Author:
Eric Smith
Number of views: 2511
Best Practices for File Server Permissions:
Have users log on using domain user accounts rather than local accounts. This approach centralizes the administration of share permissions.
Create a file server permission policy that clearly defines your permission management process.
Remove the "Everyone" permission from every resource except the global folder designated for file exchanges.
Assign permissions to groups, not user accounts. This approach enables you to add users to or remove them from groups without having to reassign permissions, simplifying management and improving accuracy.
Give each group a succinct yet descriptive name to avoid errors.
Define sets of permissions that reflect the access needs of a particular department or a specific role in the organization.
Assign the most restrictive permissions that still allow users to perform their jobs. For example, if users need only to read information in a folder and not to change, delete or create files, assign the Read permission only.
Organize your resources so that objects with the same security requirements are located in the same folder. For example, if users require the Read permission for several application folders, store those folders in the same parent folder. Then give Read permissions to the parent folder, rather than sharing each individual application folder separately.
Avoid denying permissions to a shared resource explicitly. It is usually necessary to explicitly deny permissions only when you want to override specific permissions that are already assigned; this can indicate that either permissions were assigned directly rather than via group membership, or that a user is a member of the wrong group.
Assign the Full Control permission only to the Administrators group and strictly limit membership in this group. This permission enables a user to manage application software and control user rights.
Create a “global deny” group so that when employees leave the company, you can quickly remove all their file server access by making them members of the group.
Audit every change to permissions on your file servers and always check whether those changes were authorized.
Print
Categories:
Security
,
Networking infrastructure
Tags:
Search
«
November 2024
»
Mon
Tue
Wed
Thu
Fri
Sat
Sun
28
29
30
31
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
1
2
3
4
5
6
7
8
Categories
Expand/Collapse
Auditing and Compliance
0
RSS
Expand/Collapse
Marketing
14
RSS
Expand/Collapse
SEO
1
RSS
Expand/Collapse
PPC
0
RSS
Expand/Collapse
QR Codes
2
RSS
Expand/Collapse
Church Marketing
0
RSS
Expand/Collapse
Text Marketing
1
RSS
Expand/Collapse
Security
4
RSS
Expand/Collapse
Cyber Attacks
0
RSS
Expand/Collapse
Ransomware
0
RSS
Expand/Collapse
Tools
4
RSS
Expand/Collapse
Email
0
RSS
Expand/Collapse
Networking infrastructure
3
RSS
Expand/Collapse
Backups
0
RSS
Expand/Collapse
Servers
1
RSS
Expand/Collapse
Security
0
RSS
Expand/Collapse
Marketing
1
RSS
Expand/Collapse
Owners and C-Suite Execs
2
RSS
Expand/Collapse
Design
3
RSS
Expand/Collapse
5 Steps
0
RSS
Expand/Collapse
Say What?
1
RSS
Expand/Collapse
Hosting
0
RSS
Expand/Collapse
Website
2
RSS
Expand/Collapse
ADA and WCAG
3
RSS
Expand/Collapse
Development
2
RSS
Expand/Collapse
API
0
RSS
Expand/Collapse
SQL
0
RSS
Expand/Collapse
APP
0
RSS
Expand/Collapse
Customer Experience (CX)
0
RSS
Expand/Collapse
Customer Experience Metrics
1
RSS
Expand/Collapse
User Experience (UX)
1
RSS
Expand/Collapse
User Interface (UI)
0
RSS