When the user would call us and tell us that all of his personal files (which was how we knew who's computer was infected.)
I've run into this before, but it wasn't a malicious user, it was malware Too many hands in the cookie jar || Too many hands on the steering wheel. But more often than not, more trouble than they're worth. Even for me - sometimes communal areas for files/folders is great. *sighs* Yep - definitely an education moment. This is the second time in two weeks someone has hidden something on the public drive. In answer to the side note: it was more than 30 files that are not owned by one user. Yep, we use the same system for network drives. Same goes for any other departments between the departments (like accounting not having access to facilities floor plans and security lay out. If there is something in IT that accounting needs, I'll copy it over to the accounting share, but not give them access to the file/folder on the IT share. If you're in accounting, you don't need access to anything IT, you have access to the accounting share. If you are in IT, you can have access to \\domain\IT which has a bunch of licensing files, etc. I break out my shares as needed, and there are certain shares that have more and more sensitive information. How are you tracking files now that you discovered the hidden files/folders?That's how it is supposed to be. In that case, it would be a simple fix -> sensitive files go into drive "X" and can be accessed by.
They simply didn't understand that hiding it actually did less than changing permissions (education moment).
Side note, how do you know a group is doing this maliciously? I've saw some users hide files because they think it's more secure that way on a shared drive, rather than just changing the permissions. You're not changing the contents of the file (write), you're changing it's attributes (that's a specific NTFS change). Is hiding a file underneath "Write" or "Modify" as a permission?Modify.
0 kommentar(er)
