Help Desk Services

 

File security ??

Many people keep files on their computer (or on network file store) that they wish to keep secure.
These notes are for both supported and unsupported machines, but only for Windows.

Network files :

The best way to store a confidential document is on the central network filestore.This ensures that only you have access (or at least that knowledge of your password is needed).
IT Services staff will only access files on the central filestore under the terms of our. In general, IT Services staff would only access files either with the permission of the owner of the files or to investigate misuse.
If you feel you do not have sufficient filestore to store all your confidential files, you can request more quota (up to a limit).
Data stored on a departmental fileserver is the responsibility of the department concerned and you should ask the manager of the fileserver for details of their policies and security setup.

How to secure a file:

If a file is stored locally on a machine, then whether it can be accessed or not by another user logged into that machine depends on the type of machine and how the machine is setup.
For Windows XP, by default anyone with a valid account who can log onto that machine will be able to read files on the machine.
If the machine has been created with a NTFS file system (all supported machines are created this way), then you can change the permissions on a folder to ensure that only the owner can read the files within that folder. By default however, files will be created with permissions that allow anyone to read them. Permissions can be changed by right-clicking on the folder and choosing Properties. Once this has been set, any files within that folder will also protected.
If the machine has been created with a VFAT file system, any user can read any file on the machine and this cannot be changed except by re-installing the machine as NTFS.
For supported machines only, IT Services staff will be able to access files on the local drive remotely (again this will only be done under our RIP procedures). For unsupported machines you must check that the machine is not set to export its drives.
Remember that many people have physical access to machines (cleaners, porters, students etc.) and in general you should not assume that you are the only person using a machine, even if the machine is in an office.
If you feel that someone is using a machine who should not be, then please contact IT Services for advice. However, this does not remove the need to consider carefully how and where you store your data.

Locking PCs :

Windows users can lock their PCs if they are to be left logged on and unattended. Lock your PC by pressing the Windows key + L. The machine can then only be unlocked by the logged-on user, or by a Windows administrator.
To unlock, press CTRL + ALT + DEL, then enter your password.
Copyright @ 2013 Al-Balqa' Applied University - Computer Center