No announcement yet.

file level security

  • Filter
  • Time
  • Show
Clear All
new posts

  • file level security

    Hi ,

    We do have Windows Server 2008 R2 Edition , Now we want to implement a security such as our users will be able to access the files from the folders allocated to them but they can not send those files in email attachment or not in messenger such as skype or yahoo

    Is it possible using a normal Windows Server 2008 , or ISA Server 2006 , TMG 2010 or i must have to go for third party Hardware Firewall


  • #2
    Re: file level security

    Investigate Active Directory Rights Management Services - this is a role you can add to 2008/R2

    It works on Office documents (Word, Excel, PowerPoint) and allows you (file by file) to block copy/paste, email and printing. There are some limitations on office versions to create and use RMS protected content

    It is a well documented role, and has plenty to help you, but it does require planning and preparation
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    IT Trainer / Consultant
    Ossian Ltd

    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      Re: file level security

      Kathy! It's so good to see you again!

      Ossian's suggestion may be the best option, however I'm going to through out there a restricted file systems.

      put your critical data on servers that are only accessible via a Citrx infrastructure.
      Within the citrix infrastructure, have no access to outlook and obviously, IM.
      All they can do is work on or view the documents within the citrix environment.

      It does remind me though, of a whitepaper i found yeeears ago at an old government job.
      It was a description or something called a "display only File system" - and i forget it now, but it intersted me at the time.. it had to do with only allowing documents to be viewed, and skewing them in such a way that if you took a photo of the screen, it wouldn't work properly, and if you tried to copy/paste text, it would jsut be gibberish..
      Please do show your appreciation to those who assist you by leaving Rep Point