Securing Server Data in Windows 2000

Securing Server Data in Windows 2000

From Windows 2000 Server Professional Reference, by Karanjit S. Siyan, PhD., New Riders.

Data security is increasingly important in today's interconnected world. This tip discusses how such security can be accomplished with Windows 2000.

How do you secure data on the file server? One way is to make use of the security provisions provided by the NOS. The network Administrator with Supervisor or Full Access privileges, however, can read all files and directories on the server. That becomes a problem if you are dealing with sensitive information you do not want other users, including the Supervisor, to see.

One way of handling this problem is to encrypt databases and files that contain sensitive information. The file is decrypted when it is opened, and is encrypted when it is closed. As you can imagine, however, performance suffers because of the encryption and decryption operations. Windows 2000 NTFS version 5 supports file encryption.

A number of encryption programs are available. Some encryption programs are bundled with software tools. Many use the Data Encryption Standard (DES) algorithms, or MD5 (Message Digest 5) to provide a one-way checksum to detect alteration of data.

Encryption also can be performed in hardware at the NIC level before transmitting packets across the LAN media. When LAN packets are being encrypted, only

    Requires Free Membership to View

the data portion of the packet is encrypted. Because the network address and control fields in the packets usually are not encrypted, devices such as bridges and routers can interpret the network address and control fields.

Windows 2000 introduces IPSec, used to provide secure channels over the TCP/IP protocol, and the Kerberos protocol for transparent but secure authentication of services.

For more information about Windows 2000 Server Professional Reference, go to New Riders.

This was first published in September 2000

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.