The Essentials Series: Fundamentals of Effective File Server Security

by Greg Shields


File servers maintain an increasing volume of business critical information. Maintaining the integrity and availability of these resources is a challenge that information technology professionals must rise to meet. The Essentials Series: Fundamentals of Effective File Server Security provides an introduction to the tooling in Windows Server 2008 that can be used to secure a file server, report on the security measures in place, and put in place audit controls to meet regulatory requirements and confirm internal compliance.


Article 1: Enforcing File and Folder Security

In this article, we first discuss the permission structures available on a Windows Server 2008 file server. We then walk through the different tools that are available to control those permissions. Lastly, we cover some of the challenges that each tool presents in our efforts to secure our shared file system.

Article 2: Enumerating File and Folder Security

The second task addressed is reporting on the permissions that have been established on an existing file system. Enumerating the privileges assigned to resources allows the IT professional the ability to provide compliance information, develop comprehensive security policy, and troubleshoot access issues. We examine the features available to retrieve this information and how the data returned impacts reporting and usability.

Article 3: Auditing File and Folder Access

Auditing access (or the lack thereof) generates the most usable information from our security efforts. In this last article, we look at how to enable the auditing features, what can be audited, and how much auditing to do. We also look at how Windows Server 2008 provides facilities to centralize log management and create filters to drill down to the important events.