Security & Backup in NT Domains ..a problem with my workspace
Posted 03 September 2002 - 12:15 PM
I know it's my first posting here but my problem is as big as an elephant and I think that here are enough people to know what I ask ! At this point I want to excuse me for my poor english... but you will know what I'm talkin' about.
The problem is :
@ work ... I made a few folders and files on our domain controller and gave explicite NTFS permissions to me and a few colleagues and nobody else. Next workday when I had a look on my files the permissions were changed to full permission to the admin. I'm an MCP and I know about the things going on in the domain, so I called the admin. He told me about his (poor) backup system (and a lot of other s*** too) and that he and his "admin-team" need full access to the hole data to make a backup of it (There are a couple of NT/2000 servers and also a few Linux machines (backup is running on Linux)). I don't know any backup programs that need full access permission to make a backup.
The biggest problem for me is that the files are containing a lot of personal data because in Germany we have a lot of trouble with law and personal data. At this time I can't guarantee for the files I'm workin' on and I can't guarentee for the data security against my co workers.
My question is : Does anybody of you know a backup soft that needs full access permissions to the data or makes automatically full access to the admins while it's backing up ?
As far as I know is the best way of an admin to lay no hand at the data and it's permissions... am I right ?
best wishes to all boardies
Posted 03 September 2002 - 01:36 PM
I personally don't know of any software that needs that kind of access. Call me paranoid, but something sounds very suspicious there.
Oh, and don't apologize for your English. You speak the language better than some British and Americans that I know
Posted 03 September 2002 - 02:11 PM
ooh yes... also to me ... seems like somebody wants to make an excuse to me. I think he know's about his mistake, but it was not the first time he (and his team = about 20 people, admins and help admins) did things like this. I don't know and I can't understand why he's taking ownership of data, that other poeple had created.
In this case, he was getting ownership of that special kind of personal data... and I know that this is a mistake.
While I got my M$ Courses, one of our MCTs has told us a lot of this kind of data handling and like it was yesterday I hear his words in my ear : " Beware of getting ownership of user created data especially personal data.... and I believe to his words ! German Law is like Chewing Gum but in the case of personal data it's very rough.
The best of this story is that nobody in the leading of our company gives a piece of privacy.....
Posted 03 September 2002 - 02:44 PM
if so i know how
ill post how if thats what you are trying to do, its a bit long winded.
Welcome to the board koala, your english is perfect!
Posted 03 September 2002 - 02:58 PM
...no, that isn't the thing I want to do (but it sounds nice - hehe).
My problem is, that an admin is getting the ownership of files with the excuse of needing the permissions for a backup. That seems a little strange to me. In that kind of data there are a lot of privacy things like names, address, phone numbers and a lot of other stuff too. This only for my and my co workers eyes and nobody else (german law).
I don't acept the excusion with explanations of backup and so on. But before I tell him about his mistake I should be shure that there's no backup soft that needs that kind of permissions ^_^