A. Yes it is possible (even easy) to write protect directories and files (where the executables live for example) and still allow everyone to read them in NT. NT security is at least as rich as VMS and UNIX. Even Windows
95 allows for read and write level protection with passwords on shared drives.
B. Get someone INHOUSE (not an IT person, not a consultant) to take responsibility for learning how to and
doing a barebones level of systems administration on your server. This person should minimally know how
to set policies (your security!), do backups, and install software. They will may not actually do the work but they must understand what that contractor is doing and why! The cost of this is generally minimal compared
to the cost associated with the loss of time and data due to a system failure or dataloss.
On Tuesday, October 14, 1997 4:01 AM, M. Esther Colwell[SMTP:mec7@ITSA.UCSF.EDU] wrote:
>We submit remotely to SAS 6.11 on a NT Server. Currently the SAS
>system files are not write-protected (last week a user save
>their program as a system file). We do not have a IT department
>nor is anyone maintaining the server. The consultant who installed
>SAS and fixes various problems believes there is no way to protect
>the SAS system files from end-users. Is this true???
>Does anyone know how we can set-up a more secure environment?
>FYI: hiring support personnel is not an option that our management
>will consider - we must do the work ourselves.
>Any and all suggestions are deeply apprecitated!
Andrew J. L. Cary
Cary Consulting Services