RE: security products

[Rajagopalan Raman <Rajagopalan.Raman () fgb ae>]

Hi, Juan,

Enabling folder & file level auditing will give the entire information who accessed the files , what permission was 
changed etc...

-
With Best Regards,
R.Rajagopalan
" Though harsh you speak in one's presense Abuse is worse in is absense ... "



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Juan Pablo Macias
Sent: Wednesday, February 18, 2009 9:12 PM
To: security-basics () securityfocus com
Subject: security products


Hi everybody.

A friend asked for my advice, so now i ask the experts. He has a
windows network with many shared excel files. Some of them have
sensitive information, information about his clients, but all of them
are required to be shared. Each share is password protected. He is
worried that, for example, one of his employees takes an important
file from the shared network and sells it.

Is there a way, in this scenario, to control who can access what? or
to avoid copying files away from the shared pc, or to allow to make
changes, but not to copy the file to another location? A possible
solution would be to password protect or encrypt the files, but i
don't think it would be be feasible it talking about some hundred
files. Is there software that already takes care or this?

In the long term, my suggestion would be to put all excel files into a
formal database and implement access control there, maybe even a web
application.

What are your suggestions?

Thanks in advance.

Juan Pablo

--
To follow the path,
look to the master,
follow the master,
walk with the master,
see through the master,
become the master
DISCLAIMER: The information contained in this mail is for the 
intended addressee only and may be legally privileged. If you are 
not the intended recipient, you are hereby notified that any 
disclosure, copying, distribution or taking action in reliance of the 
contents of this information is strictly prohibited and may be 
unlawful. Any opinions expressed, implied or presented are 
solely those of the author and do not necessarily represent those 
of First Gulf Bank. First Gulf Bank shall in no circumstances be 
liable for any loss or damage caused due to error, delay, 
omission or inaccuracy during transmission. If you have received 
this mail by mistake, please delete the message and all the 
copies from your system and notify the sender immediately. All 
emails and file attachments sent to and received through the First 
Gulf Bank domain is scanned for viruses by First Gulf Bank's 
email Virus scanning system. However it is recommended that 
attachments, if any, be scanned for viruses before launching. 
First Gulf Bank is not liable for any damages caused due to virus 
(es), trojans or any other form of malicious software transmitted 
over email.