September 13, 2004 3:42 PM Subscribe
WindowsXP, 250 gig shared backup hard drive, and a lab full of people with sensitive information that needs to be backed up on said drive but shouldn't be accessible by anyone other than the user who put it there. Security is giving me fits and I'd appreciate some helpful advice. [more gory details inside]
posted by caution live frogs to computers & internet (5 answers total)
we have a lab full of computers. all of us need to back up our stuff but a lot of us have sensitive documents we'd rather not share with everyone else (student/co-worker evaluations, course material, test banks, etc.) we have only one spot to back up, a 250 gig USB hard drive attached to our lab server. we all have our own designated back-up folder on this drive. here's where it gets fun:
the drive is shared on the network to our lab computers only. we're not in a domain, just firewalls between us and the outside, access limited by IP range. there's probably not much i can do about this as we don't have control over the network, just our computers. so far anything i copy to this drive is openly shared with everyone else in our lab, and i can't seem to lock it down such that any one network user can only read/modify one folder. everyone in the lab is currently using Win2K Pro or WinXP Pro.
using my own stuff as a test case, i tried creating a user on the lab server, encrypting files, then logging off. when the system restarts the default account has access to all my encrypted files. i don't know why. if i do the reverse (encrypt then log on with my settings) i can't open the encrypted file.
i tried limiting access for that file to my user account only, ocking out the default lab account we normally run on the machine. no luck. if the default lab account is locked out, nobody can access the files through the network.
only thing i can think of is that the default lab account used to be the old Win2K administrator account before i renamed it while upgrading to XP.
so... anybody else actually get something like this to work? any third-party solution that will cost us as little as possible? oh, i ought to mention that my PI is very non-technical, so whatever solution i come up with will have to continue to work after i've left the lab. any help at all here is appreciated.
(and yes i do realize that "secure" in this instance ain't really so secure - we're not trying to keep out hard-core hackers here, we're just trying to make sure we have a simple data backup solution while also keeping the people in our lab from having one-click access to their own employee reviews.)