Sharing folders and files is one of the most common practices nowadays, especially now that most of us work in the cloud and spend our days granting and revoking permissions. To you, I say you can only view it, to you, you can view and edit it... and so on all day long. But do we really have control over who has access to the information, who was the last person to modify it, or where it is located?
I think we can agree that shared folders have made our lives much easier, allowing us to work collaboratively and in real time, as well as share large files that other platforms like Gmail don't allow. However, necessary measures are not always taken to prevent theft or loss of information and it falling into the wrong hands.
In today's post, we will provide some guidelines on what you can do to protect your shared folders from the "clutches of evil," from vultures who only want your information for illicit purposes.
Once a shared folder is created, Windows allows you to change the permissions or privileges to assign access to its contents. Here's how you can do it:
Go to "My Computer" or "This PC" and locate the shared folder you want to protect.
Right-click on the folder and select "Sharing and Security."
Choose the "Permissions" option.
Remove the "Everyone" group (this prevents unauthorized third parties from accessing it).
Add the users with whom you want to share the information. To do this, select the users in the dialog box who will have access to the shared folder.
Select the users and click on "Object Types," then uncheck "Built-in security principals and groups," and click "OK."
Click on "Advanced" and select "Find Now," then click on the users you want to add.
This way, only authorized users will be able to view your shared folders.
Windows allows you to hide and lock folders in its system using a batch file. Here's how to do it:
Create the batch file using the following code and name it "private.cmd":
:: (c) NorfiPC 2019 - http://norfipc.com
@ECHO OFF
title Folder Privado
if EXIST "Control Panel.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}" goto UNLOCK
if NOT EXIST Privado goto MDLOCKER
:CONFIRM
echo Estas seguro que quieres bloquear la carpeta(S/N)
set/p "cho=>"
if %cho%==S goto LOCK
if %cho%==s goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Privado "Control Panel.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"
attrib +h +s "Control Panel.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"
echo Folder locked
goto End
:UNLOCK
echo Escribe la contrase¤a para desbloquear carpeta
set/p "pass=>"
if NOT %pass%== esed goto FAIL
attrib -h -s "Control Panel.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"
ren "Control Panel.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}" Privado
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Privado
echo Privado created successfully
goto End
:End
Note: Replace [your password] in the code with the desired password.
Save the batch file and double-click on it to run it.
A folder named "Private" will be created. Place the files you want to hide and lock inside this folder.
To lock the folder, run the batch file again.
To unlock the folder, run the batch file, enter the correct password, and the folder will be visible again.
To do this, you need to:
Create a folder named "Documents".
Create two batch files.
- The first batch file called "Lock.cmd" contains the following code: "REN Documents Documents.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"
- The second batch file called "Unlock.cmd" contains the code: "REN Documents.{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} Documents".
When you run the first file "Lock.cmd", it locks the folder. The second file "Unlock.cmd" restores its original properties.
*Important Note: If you leave the second batch file in an accessible location, anyone can unlock the folder, rendering this method useless. Once you have confirmed that the method works, you should move the second batch file to a secure location and modify it, specifying the necessary path to the new location of the "Documents" folder.
At the core of any network is a file server, which is typically the most visible part of a system. That's why you must ensure that the server hosting your website or backups is as secure as a bunker; otherwise, you could be jeopardizing your data.
To turn the location of your server into a high-security center, you can follow the recommendations below.
Make sure your server is physically secure. Imagine if an intruder could gain physical access to your server; this could mean an unauthorized third party could simply walk in, grab your hard drives, and leave without a trace. In addition to risking the entire machine, imagine the potential for starting a fire.
It is crucial that the physical location of your server is secure and has restricted access for specific individuals. Only then can you guarantee its integrity. Another precaution you can take is to configure the system so that it can only boot from an internal hard drive, preventing an intruder from starting the system externally. It is also important to protect the BIOS and boot loader with a strong password. Forget about using "12345678"... choose a password like "todayImgoingtoeatsomemeatballsatmymomshouse."
Drive encryption ensures that even in the event of information theft, it remains inaccessible to unauthorized individuals.
Encrypting your information prevents data leaks. You are the one who decides who can or cannot access the information, and you can grant or revoke access permissions without needing to resend the document or information every time your needs change.
Typically, local network servers do not require a constant Internet connection. The longer the server remains disconnected from the network, the more secure it will be. To achieve this, you can use a firewall to restrict access from outside the LAN.
Run enterprise-level antivirus software on your file server. Most products allow you to update virus signatures from a local update server (or even from other clients running the software on their network).
For example, at ESED, we work with an endpoint that enables automatic detection and removal of malicious programs. This way, we ensure the security of a system 24/7.
File encryption is one of the best options when it comes to sharing documents with other users and ensuring that only they can view them. Dropbox has its own encryption system, but there are other cloud services that do not offer this option. Therefore, you will need to encrypt the file or shared folder yourself before uploading it to the cloud.
Take control of who has access to your shared files or folders: who can view them, who can edit them, who last modified them, and so on. Privilege control is important to prevent unauthorized access by third parties. In the case of businesses, if you are unable to do it yourself, assign a responsible person to manage permissions. It's not acceptable for everyone to have the ability to grant access without any control, as the information could end up in the wrong hands.
The cloud solution Dropbox offers the opportunity to protect your folders with a password. If you work with this solution, we will provide you with some guidelines on how to do it.
Log in to Dropbox.com.
Select the "Share" option next to the name of the file or folder you want to share.
Click on "Link settings".
Select "Only people with the password".
Go to "Set a password" and enter the password you want to use to protect the shared link.
You can set an expiration date for the password (optional), so that when it expires, the folder becomes inaccessible.
Click on "Save settings".
Now you can copy and paste the link into an email or send it directly to other users through Dropbox.
Using some of the methods mentioned above will help you protect your information from those users close to you whose intention is not to steal your information (at least not intentionally), but who may inadvertently put it at risk. It is always important to prevent your information from falling into the hands of cybercriminals due to carelessness or poor privilege management.
And how do you protect your shared folders?
Our main goal is to ensure that your information is secure and protected through advanced individual encryption, giving you full control over who has access to your information. Discover the ESED Control software and how it can help you maintain absolute control over your information. For more information, you can contact us.