FW: Filer/Share Time Access Restrictions (Help).

["Murda Mcloud" <murdamcloud () bigpond com>]

What kind of permissions will they have during the day? Will it allow them
to save somewhere else/modify etc? Why do you need to limit access during
those hours? I'm just wondering whether having any access at a specified
time means that they could (conceivably) copy the file anyway and use it
'offline'.
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Huang, John, GCM
Sent: Wednesday, November 15, 2006 6:37 AM
To: security-basics () lists securityfocus com
Subject: Filer/Share Time Access Restrictions (Help).

Filer/Share Time Access Restrictions:

Any feedback or suggestions on how to accomplish this objective is
appreciated.

Objective: There's a highly sensitive confidential file share that we
want to restrict access to during off-business hours. The user will keep
their ability to login to their computer from home/VPN and access email
through Outlook web.

Possible solutions (none of them ideal).

1. Create 2nd account for user and grant file access rights only to that
account. Enable time login restriction in AD and create drive mapping
using that 2nd account credential to main account. Problem is that if
the user forgets to logoff and save, their unsaved Office sessions may
crash and unable to save even if the drive connections are later
restored.

2. Create 2nd account for user and have them use it during off hours.
Place time restriction on main account. Problem is that OWA Outlook Web
will not work.

3. Using script and event scheduler to add/remove permissions on the
fileshare.

Any better ideas on how to accomplish this?

Regards,
John

-----------------------------------------
*******************************************************************
*

This e-mail is intended only for the addressee named above.
As this e-mail may contain confidential or privileged information,
if you are not the named addressee, you are not authorized
to retain, read, copy or disseminate this message or any part of
it.

*******************************************************************
*


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------




---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------