There are many reasons to replace existing file server systems and migrate to new virtual or physical file servers based on Windows Server 2012 R2; raising the security level of data management is the most important one. Migrating to a current file server system offers a prime opportunity to consolidate your file server infrastructure. It provides durable, secure and always comprehensible access protection for your sensitive corporate data.

Authorization concept built on three pillars

  • Standardization of role-based groups and group memberships in Active Directory
  • Static, unique permission entries in the access control lists (ACL) of the data folders on the file server, in accordance with the predefined directory depth
  • Integration of the organizational units (OU) and the Windows group design in existing AD infrastructures

Clear control

Authorization is assigned exclusively in the ADS through group memberships. Using the on-board management consoles and the user helpdesk (ITIL), users can be included in the management through delegation. The mapping of the permission flow in a matrix is transparent. Sensitive data is identified and secured separately. Users get access to their data through a single network drive connection, which is assigned through their group policy preferences.

The permission model can be adapted dynamically to access other resources outside the file server infrastructure.

Services and key points of our permission concept

  • Recording of partial business processes for development of the permission strategy
  • Design of organizational units and standard Windows groups for the access model
  • Creation of a matrix for the arrangement of the directories (floating rights)
  • Creation of a decision paper for the internal project presentation
  • Separate protection of sensitive directories with an 'empty groups' concept
  • GPO consolidation with a drive per user via GPO
  • Support in practice for moving the data into the new structure
  • ACL clearance with revision of individual permissions, avoiding phantom SIDs
  • Storage solutions for data migration and dynamic data collections
  • Transfer of the rights concept to other IT resources
  • Efficient usage of Windows Server 2012 features
  • Optional directory access monitoring for sensitive directories
  • Documentation using special tools