I don't think there is a good way to stop administrators from
accessing data if they really want to. If the CEO is not going
to administrate the servers himself someone else will need
access to them, the backup system needs access etc. Also,
adminstrators with physical access to the server will be able
to bypass almost any software based safeguards.

One relatively easy way to solve the problem is to install
encryption software on the CEO's computer. PGP can be used
to encrypt both files and mails, and there are tons of other
programs that can do the same. Of course, if you decide to
use encryption software you will have to figure out how to
recover data if/when the CEO forgets his password.. :)

Mattias

> -----Original Message-----
> From: Todd Schubert [mailto:tschubertjorycapital.com]
> Sent: den 7 augusti 2001 22:28
> To: focus-mssecurityfocus.com
> Subject: File and email Security
>
>
> I have an interesting problem that I am hoping someone out
> there can help me
> with. Basically what it boils down to is that we need to
> store files on our
> server and emails on our exchange server that only the CEO
> can access and
> that the network admins can't access without the CEO knowing.
> Permissions
> don't seem to be a solution because they can be changed by
> the admins and
> the logs can then be falsified to hide the changes. Has
> anyone encoutered
> something similiar to this or have any ideas on how to get
> around this??
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]