11.2.14 Windows Filesharing Policy
Proposed: | 07/08/2015 |
Adopted: | 08/07/2015 |
Last Reviewed: | 07/31/2018 |
Effective: | 08/07/2015 |
1.0 Background and Overview
Shared folders are a good way to exchange files and collaborate with coworkers, but if used incorrectly they can compromise the confidentiality and integrity of the shared files. Folders are often shared without any access restrictions, such as a password. They may also be shared by giving access to the “everyone” or “domain users” groups. These “open shares” are insecure and allow anyone to view and sometimes change the data stored on these shares. Viruses may even use open shares to propagate on the network.
2.0 Purpose
This policy will define Windows file sharing and state the policy of Middle Georgia State University on this issue.
3.0 Scope
The scope of this policy includes all Middle Georgia State University network-connected computing resources.
4.0 Policy
Shares on Workstations and Servers
Individual users are responsible for maintaining proper security of shares on their workstations. Shared folders must be restricted to specific users or groups or be protected with a strong password. The preferred method is to restrict access to specific users or groups.
In cases where the shared information is considered “public,” folders may be shared as “readonly” with no password or accessible by the “everyone” group.
Faculty and Staff Home Directories
Home directories will be mapped automatically to the server called “Home” through the use of the logon script for every staff/faculty login account.
Storage space is limited and will be divided among all users. These home directories are only accessible to the assigned user. The user is required to maintain the data so that obsolete data is periodically removed from the system. The system administrator is authorized to delete the folders of disabled or inactive users.
Campus Fileserver
Space is available on the server named “FILESERVER” if departments need network storage for interoffice collaboration. This space is limited and will be allocated as needed in collaboration with the CIO. The administrator of this fileserver is responsible for enabling shares and assigning correct security. These shares may be mapped for each user or group requiring access. The system administrator and departmental personnel are required to maintain the data so that obsolete data is periodically removed from the system.
Departmental File Servers
Departments requiring additional storage beyond that provided by home directories and the campus fileserver will be required to provide their own server. An individual designated by the department head will administer this system. This administrator is responsible for enabling shares and assigning correct security.
5.0 Enforcement
The Office of Network Administration will periodically scan the network for open shares and shares protected with weak passwords. Users determined to be in violation will be required to perform corrective actions to properly secure these shares. Furthermore, The Office of Network Administration reserves the right to intervene with individual users who are observed to be violating these policies and deny them network privileges if necessary.
6.0 Definitions
File-sharing - Whatis.com at http://whatis.techtarget.com/ defines file sharing as “the public or private sharing of computer data or space in a network with various levels of access privilege. While files can easily be shared outside a network (for example, simply by handing or mailing someone your file on a diskette), the term file sharing almost always means sharing files in a network, even if in a small local area network. File sharing allows a number of people to use the same file or file by some combination of being able to read or view it, write to or modify it, copy it, or print it.”
Windows File-Sharing - File-sharing using Microsoft Windows native file-sharing protocols.
7.0 Revision History
08/31/2004 - Original
10/30/2013 - Revised to reflect new institutions name.
11/02/2015 - Revised to reflect University status.