File Servers are one of the most widely used application servers. Because the file server can back up, access control, and permission management of important enterprise files on a unified platform, it can comprehensively improve the security of enterprise data. Therefore, the file server has an increasing influence on Enterprise Information Office. But to be honest, the file
File Servers are one of the most widely used application servers. Because the file server can back up, access control, and permission management of important enterprise files on a unified platform, it can comprehensively improve the security of enterprise data. Therefore, the file server has an increasing influence on Enterprise Information Office. But to be honest, the file
File Servers are one of the most widely used application servers. Because the file server can back up, access control, and permission management of important enterprise files on a unified platform, it can comprehensively improve the security of enterprise data. Therefore, the file server has an increasing influence on Enterprise Information Office. But to be honest, the file server needs to make the results in the enterprise. What is important is the permission design. If the permission design is unreasonable, the file server will become a weakness of the enterprise.
I have helped multiple enterprises deploy file servers, but I still have some experience in this regard. Here, I will summarize it, which may be helpful to you.
1. permission management using groups or roles
In the permission setting process of the file server, the author does not recommend that the network administrator directly authorize the user. If you authorize a user directly, the workload of permission management will be huge. For example, a purchasing department has more than a dozen employees. To authorize them separately, the maintenance workload can be imagined. In addition, if the workload is large, it is inevitable that there will be leaks.
Therefore, when selecting file server software, I usually require the file server to be authorized by group or role. That is to say, the network administrator should first create a group, such as a purchase group. Then assign the folder access permission to the group. Secondly, when a buyer user is added to this group, the buyer automatically inherits the access permissions of the related folders in the purchase group. In this way, the permission management efficiency can be improved without authorization to all purchasers. At the same time, only once the relevant permissions of the purchaser are granted, the permission management accuracy can be improved. These advantages are all important reasons why I prefer to use groups or roles for permission management.
In addition to allowing users to inherit the permissions of a group, we can set special permissions for users. For example, there is a folder on the Enterprise File Server that stores the accounts payable list of each supplier. As a general purchaser, only these files can be viewed and cannot be modified. These documents are generally prepared by the finance team according to the payment conditions. However, as a purchasing manager, you can perform necessary maintenance on the relevant content, such as the payment date. To this end, the purchase manager needs to have read and write permissions on these files, while other purchasers only have read-only permissions on these files. Therefore, we do not need to create a group for the purchase manager. We only need to add him to the buyer group to grant related permissions to the buyer group. Then, assign the user of the purchase manager the permission to write these files. That is to say, we can not only grant permissions to groups or roles, but also grant permissions to users when necessary. In this case, this specific user has some special permissions besides the permissions inherited by the Group.
2. Do not use an account for a department
According to my understanding, many enterprises often use simple permission control when deploying file servers. For example, an account is created for a department, and all employees in this department use this account to access the file server. For example, I have met an enterprise before. For example, a purchasing department has an account. The Network Administrator authorizes this account, and all employees of the purchasing department use this account. I disagree with this practice.
First, users cannot audit the files on the file server. If a file is accidentally modified or an unauthorized user attempts to access an unauthorized confidential file multiple times on the file server's day, only a certain department can be displayed in the file server's log, for example, employees of the purchasing department do. However, Which employee did it. It can be seen that if a department shares an account name, the security of the file server will be greatly compromised.
Second, permissions cannot be controlled in more detail. For example, sometimes we allow users to modify and delete their own files, and other employees, even employees in the same department, do not have the modification permission, this permission control principle cannot be implemented.
Third, the permissions of common employees and department Administrators cannot be separated, reducing the file security on the file server. Generally, Department administrators have higher permissions than ordinary employees. For example, the Department administrator can access the documents of various groups under his or her own department, and also access relevant data of the enterprise management layer. If you share an account with a department, the permissions of common Department employees and department Administrators cannot be distinguished. The Department administrator can only access the file server of an ordinary employee, or sacrifice the security of the file server, so that the common employee has higher file access permissions.
Therefore, sharing an account by a Department reduces the security of the file server and reduces the flexibility. Therefore, I am opposed to this permission management method. In particular, if enterprises have high security requirements, it is better not to use this permission management method. Otherwise, it is very likely that the stone will be lifted and your feet will be smashed.
Iii. Three user-level exclusion principles
Sometimes, even employees in the same group have different permissions. For example, in some enterprises, other users may not be allowed to modify their own files, but can only read the files; otherwise, other users may not have the permission to read the files; however, maybe the Department owner can view his/her own files. This is the exclusion principle in permission management.
This can be achieved through setting permissions for users. However, this process requires a great deal of work and is difficult to maintain. Therefore, we do not recommend manual maintenance. When considering the selection of file servers, if enterprises have such requirements now or in the future, the author will evaluate whether there are any ready-made solutions in the file server software.
First Exclusion Principle: other users can only query their own files but cannot modify them.
That is to say, the document created by buyer A can only be viewed by buyer B of the same department, but cannot be modified or deleted. This is mainly to ensure data uniformity. If we select "do not allow others to modify my files" in user information settings, other users, even the same department or system administrator, you cannot modify or delete your own files.
Second Exclusion Principle: other users can only see the file name, but cannot open or delete the file.
Some enterprises have high security requirements. For example, I have met the procurement departments of chemical enterprises before, and they require that the purchase orders between purchasers should be kept confidential. If you know the purchased content, you can know the specific product recipe information. To this end, other employees cannot modify each other's files, even if they can view them. Therefore, you need to select "do not allow others to read your own files" when creating a user ". In this way, the system will automatically control.
Third Exclusion Principle: a specific person can break through the above two restrictions.
Sometimes, some people with special permissions can break through this restriction. For example, the purchase manager can modify or delete any documents of the purchasers, even if they have implemented the above exclusion principles. Without special handling, the purchase manager is also limited by the above two principles. However, if we select "break through personal restrictions" when setting a Purchase Manager user, the purchase manager will not be subject to the above two restrictions, you can access your files without any restrictions, and modify the files if necessary.
Therefore, you only need to select an option for the three exclusion options above. You do not need to design complex permissions for users. Therefore, I hope to have a mature ready-made solution in the system for exceptions of user permissions. This can save the workload maintained by our network administrator, and its accuracy will be greatly improved. This enhances the security of the file server.
4. Enable access log auditing
When does a user access an unauthorized file, modify it, and read it. If the enterprise network administrator can learn this information in a timely manner, it is necessary to improve the security of the file server and an important measure in permission management. Both pre-control and post-event tracking are crucial.
Therefore, when selecting a file server system, we need to check whether the system has such functions. For example, whether the system can automatically record the access file records of a user, or whether the system can record the access failure history when the user attempts to access unauthorized information multiple times. This allows our network administrator to know which users are attempting to access unauthorized information. We can take relevant measures in a timely manner to ensure the security of the file server.
The above permission design tactics are not only the content we need to pay attention to in the file server permission management, but also the content we need to pay attention to when selecting file servers, to simplify the subsequent permission management workload.