One thing I’ve noticed that is a leftover of old technology and old habits is that there are sometimes massive amounts of shared folders on a network. The idea is that the shares contain different contents or require different access rights – but one thing that has been true for a decade is that share permissions are redundant on an NTFS file system network. Best practice for Shared folders in an NTFS environment stipulates that the ‘Everyone’ group be given full control share permissions, and then the access control list for NTFS permissions are used to specify granular permissions.
Since NTFS permissions are used to control folder access, why do we bother with having multiple shares for the sake of controlling various permissions?
Well, the truth is there aren’t many reasons. One in particular that stands out is a situation wherein you have a mixed-operations environment with various Operating System technologies. If you run a Windows environment with Linux and Mac OSX clients then you will actually need to use the share permissions and will rely on them for granular access control. However, if you operate a purely windows environment you can consolidate all of your shares into a single share. Instead of having a volume or partition on your servers where there are several different shares at the root, you can create a single ‘SharedData’ folder and share that. If you are using the shared drives to create letter mappings on client computers, you can just map the letter to a sub-folder of the share drive.
What this approach does, aside from cleaning up your network folders, is reduce the surface area for both administration and security. There are less shared folders and thus less ACLs to manage. There is only a single shared folder broadcasted on the network, so any unwanted guests have a significantly reduced attack surface.
by Chad Weaver
Microsoft has announced their entry in to the cloud productivity with the announcement of Office 365. This is a cloud based solution for businesses that looks to align itself in the same marketplace with Google and its Apps for business. The product is not yet released, but the beta testing for both the small business and enterprise versions of this offering are now open to a limited number of people. The two offerings come in at a very affordable $6.00 a user for the small business offering and up to $28.00 for the full enterprise offering, per month.
The small business offering is suited for organizations up to 25 users while giving them access to Exchange online, SharePoint, Lync Online, and the full set of Office Web Apps. These offerings are accessible from desktop as well as mobile devices including my favorite, the iPhone. This is through the browser of the workstation, and sorry for all you Chrome users; while Safari is approved, it looks like Chrome is out. The enterprise offerings include enterprise friendly additions, up to and including a voice offering and integration with your AD domain. There is a lot of product here as well as a pay per use model. This might just be the next best thing from Microsoft. I really would love to get me a crack at the Beta and give an update on my impressions of the product and how it compares with the traditional offerings. (hinthint)
Being in the IT Support world or well at least in the Philadelphia area you can really see how reliant companies are to their office and productivity products, and the ability to take them mobile is really looking to be the next big thing. Not to mention the transition to the cloud. So many more products and solutions are moving to the cloud, why not our good old friend office? In a way it’s brilliant - no more worrying about keeping the installs up to date, controlling access, installing products needed. With the access controls built in this is looking to be pretty hot.
I can’t stress how much I am looking forward to the cloud!
Interested in moving your infrastructure to the cloud but were too afraid to ask? Fear not! Send us some info!