How to create a (very) limited access directory on a network
I run a midsized company. Recently we created a limited access directory on our network where upper-level executives could share sensitive files (mostly related to payroll, employee files, etc.). The problem is that I don't want even the IT people who set up the directory and administered the entire network to have access. What methods or technologies should I consider?
This is a tough question. Generally speaking, system administrators have the proverbial "keys to the kingdom." They occupy sensitive positions of trust and can generally defeat any security controls that you put in place. After all, they sometimes need this capability to recover critical data or perform system maintenance.
I think the best option for the scenario you describe is to use a form of encryption that does not store the encryption keys in a manner where they are accessible to system administrators. If you're using Microsoft Office 2007, the easiest way to do this is to use Office's built-in encryption feature to password-protect your files. You'll need to share the password with other upper-level executives in an offline fashion. (Remember, if you email it, chances are the network administrator can read your email!)
Also, notice that I specifically said that this option applies only to those using Office 2007. This latest release of Microsoft Office uses the strong AES encryption algorithm to protect data. Earlier versions of Office use a much more primitive algorithm that is easy to defeat.
This was first published in October 2008
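To check that files placed in such a directory really carry Office 2007 password encryption, the following added example (not part of the original answer) classifies files by container format. It relies on a heuristic: unencrypted Office 2007 files are ZIP archives, while password-encrypted ones are OLE compound files whose directory holds `EncryptionInfo` and `EncryptedPackage` stream names in UTF-16LE. The function names and sample file names are assumptions made for illustration.

```python
import os
import tempfile
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # OLE compound file header
ZIP_MAGIC = b"PK\x03\x04"                      # unencrypted Office 2007 file (ZIP)
ENC_STREAMS = [s.encode("utf-16-le") for s in ("EncryptionInfo", "EncryptedPackage")]

def classify(path):
    """Heuristic container check; it does not judge password strength."""
    with open(path, "rb") as f:
        data = f.read()
    if data.startswith(ZIP_MAGIC):
        return "plaintext-ooxml"      # readable by anyone with file access
    if data.startswith(OLE_MAGIC):
        if all(s in data for s in ENC_STREAMS):
            return "encrypted-ooxml"  # Office 2007 password encryption
        return "legacy-binary"        # pre-2007 format, weak protection at best
    return "not-office"

def audit(directory):
    report = {}
    for root, _dirs, files in os.walk(directory):
        for name in files:
            full = os.path.join(root, name)
            report[os.path.relpath(full, directory)] = classify(full)
    return report

def needs_attention(report):
    return sorted(p for p, k in report.items() if k in ("plaintext-ooxml", "legacy-binary"))

def build_sample_share(directory):
    """Constructed stand-in files: correct magic bytes and names, not real documents."""
    with zipfile.ZipFile(os.path.join(directory, "payroll.xlsx"), "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
    samples = {
        "reviews.docx": OLE_MAGIC + b"\0" * 504 + b"".join(ENC_STREAMS),
        "salaries.xls": OLE_MAGIC + b"\0" * 504 + "Workbook".encode("utf-16-le"),
        "notes.txt": b"meeting notes",
    }
    for name, blob in samples.items():
        with open(os.path.join(directory, name), "wb") as f:
            f.write(blob)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as share:
        build_sample_share(share)
        for path, kind in sorted(audit(share).items()):
            print(f"{kind:16} {path}")
```

Anything listed by `needs_attention` is either stored unencrypted or saved in a pre-2007 format and should be re-saved with Office 2007 encryption before it is shared.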