People in our company asked to encrypting some of the shared folders published in a local Windows 2003 File Server. The requirements are:
- Encrypt the files, so only a user or group or users can open them
- Avoid password protected files. The encryption process should be transparent to the users
- Though files are encrypted, the backup software (BackupExec) must be able to copy and access binary for verification
- Cannot install tools/software in user's PCs, they want this to work automatically
As we have very little experience managing servers, we'll be grateful for any help or suggestion offered.
Best Answer
Take away the administrators permission to the folder. He can then not see the directory without taking ownership and reseting the permissions (which can then be recorded in auditing). Backup operators group has access to everything, make sure this password is set to something hard to remember and not recorded (again audit password resets + change of membership of this group). Enable encryption on the files to protect backups from other users.
At the end of the day the administrator with some effort can see any file on the system, even using certificates, because he can go onto the user's pc and grab them or install keyloggers, restore from backups to somewhere else, resetting permissions, etc. And shared passwords don't often stay very secret. What usually happens when you go to so much effort to hide files from them is that the user forgets their password and gets locked out of their data forever. Plus users don't know enough about IT to know when an admin could have circumvented their precautions.
At the end of the day you have to trust your admins with data confidentiality as you do with other employees and company assets/money. Any really vital data can always be stored on cd/dvd/flash and physically secured.