Win 7 Pro file server with network shares - is this method secure?

Page 2 of 2 FirstFirst 12

  1. Posts : 9
    Windows 7 Pro 64bit
    Thread Starter
       #11

    Tanya,

    Automatic expiring of passwords? Is that set up somehow? We never considered automatic expiration but definitely a manual change somewhere down the road at regular intervals.

    Maybe I'm missing something, but the users will never know or need to know the password for shares for their user account to the file server. Shares will be set up once and as long as there are no hiccups the mapped drive should re-map on every reboot. User passwords on local users' computers can be changed at any time with no effect to the shares. If the password to user shares needs to be changed it will probably take 30 minutes tops for an admin to take care of of the changes are remapping of drives on 10 computers. Again, maybe I'm missing something here or maybe I have not explained it well?

    As for backup, I agree and a plan is already in place for the short term to swap external backup drives once a week and store them offsite. As an alternative we are also planning a remote offsite backup plan via a software called Duplicati. We will have to test first to see if it is feasible. I don't like the idea of someone swapping drives because generally people will forget or just get lazy and stop the swapping, so I'm hoping the remote backup solution will work well for us.

    Thank you again Tanya.

    TV
      My Computer


  2. Posts : 784
    Linux Mint 17 Cinnamon | Win 7 Ult x64
       #12

    Hi,

    Ok, it is generally a good idea, when setting up a network for a business (even SMBs), to plan out your security strategy. With all due respect, too often things just "evolve" and that's often how problems creep in.

    Generally speaking a business would have passwords last a specific period of time, say 90 days, and then expire, at which point users must create a new password. There are a number of policy rules that can be applied to user accounts in the policy editor, which you should have access to (gpedit.msc).

    These passwords can be the same on the client and the server. When the user updates the password on the client, it automatically updates it on the server. However, you will get calls from your users when they just don't change passwords and get locked out, mess up the change of password, or just continually lock themselves out of their accounts.

    By far the "easiest" solution is to just set up the accounts to never expire. If such be the case, you can set the password on the client PC and the server to be different. The only real advantage that comes to mind is that if they gain access to the server, they will try their client PC password and find it doesn't work.

    Of course, the easier the solution you choose, the less secure it is.

    What you have to decide, or have the business decide, is how secure do you want things; With increased security comes increased complexity, and in all likelihood, increased support requirements from you.

    This really is a business decision. And more often and not they will take the path of least resistance, and the cheapest option, which in the long run will probably bite them on the bum.

    Hopefully I'm not confusing you

    This is what a user property dialogue might look like.
    Attached Thumbnails Attached Thumbnails Win 7 Pro file server with network shares - is this method secure?-sf1.jpg  
      My Computer


 
Page 2 of 2 FirstFirst 12

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 23:28.
Find Us