Situatie
Whether you have an existing file server or are setting up a new one it is important to review your NTFS permissions, this at times can even be a requirement of an audit. To simplify this task I recommend using an NTFS Permissions Report Tool that can scan all folders and show you who has access to what. With a reporting tool, you can list all folder permissions, verify users have the correct permissions, check inheritance, find insecure permissions, verify directory rights, and export the report to CSV, Excel, or PDF.
Secure NTFS Permissions with Security Groups
It is a best practice to create security groups to set NTFS permissions rather than using individual user accounts. Security groups have the following advantages:
- Easier to manage permissions for a group of users
- Easily remove user’s permissions
- Easily grant users access to a file or folder
- Makes it easier to identify who has access to what
- Simplifies auditing and compliance reports
Let me walk through an example of how using security groups simplifies NTFS permissions management.
Say you have 100 employees that need access to the accounting folder, 80 need read/write permissions, and the other 20 need read-only access. To set these permissions you only need to create two security groups, and then configure the permissions for these two groups. Example below.
Now as new employees are hired, all you need to do is add the user to one of these groups to give them access. To remove access you would just remove them from the group. If you did not use security groups for the NTFS permissions you would have to add all 100 users to the ACL, this would be very time consuming and difficult to manage. Example below.
Leave A Comment?