A client has a situation where they have a small internal IT team that manages the day to day administration of the site. The client manages a large amount of highly sensitive data, which the admins do not require access to.
This data is stored in folders and the appropriate NTFS folder permissions applied. However, the client was not comfortable with the knowledge that the internal team could still give themselves access to these folders.
In the end we settled on a simple solution. We enabled auditing on those folders for the change permissions and take ownership. We then uses EventSentry light to email the manager should a change be made.
Certainly not failsafe, but a sufficient solution for the client.
No comments:
Post a Comment