LISTSERV at the University of Georgia
Menubar Imagemap
Home Browse Manage Request Manuals Register
Previous messageNext messagePrevious in topicNext in topicPrevious by same authorNext by same authorPrevious page (October 1997, week 3)Back to main SAS-L pageJoin or leave SAS-L (or change settings)ReplyPost a new messageSearchProportional fontNon-proportional font
Date:   Wed, 15 Oct 1997 00:50:21 -0700
Reply-To:   Andrew James Llwellyn Cary <ajlcary@CARYCONSULTING.COM>
Sender:   "SAS(r) Discussion" <SAS-L@UGA.CC.UGA.EDU>
From:   Andrew James Llwellyn Cary <ajlcary@CARYCONSULTING.COM>
Subject:   Re: Security on SAS
Comments:   To: "M. Esther Colwell" <mec7@ITSA.UCSF.EDU>
Content-Type:   text/plain; charset="us-ascii"

A. Yes it is possible (even easy) to write protect directories and files (where the executables live for example) and still allow everyone to read them in NT. NT security is at least as rich as VMS and UNIX. Even Windows 95 allows for read and write level protection with passwords on shared drives.

B. Get someone INHOUSE (not an IT person, not a consultant) to take responsibility for learning how to and doing a barebones level of systems administration on your server. This person should minimally know how to set policies (your security!), do backups, and install software. They will may not actually do the work but they must understand what that contractor is doing and why! The cost of this is generally minimal compared to the cost associated with the loss of time and data due to a system failure or dataloss.

AJL Cary

On Tuesday, October 14, 1997 4:01 AM, M. Esther Colwell[SMTP:mec7@ITSA.UCSF.EDU] wrote: >Dear All, > >We submit remotely to SAS 6.11 on a NT Server. Currently the SAS >system files are not write-protected (last week a user save >their program as a system file). We do not have a IT department >nor is anyone maintaining the server. The consultant who installed >SAS and fixes various problems believes there is no way to protect >the SAS system files from end-users. Is this true??? > >Does anyone know how we can set-up a more secure environment? >FYI: hiring support personnel is not an option that our management >will consider - we must do the work ourselves. > >Any and all suggestions are deeply apprecitated! > >E. > >

--------------------------------------- Andrew J. L. Cary Senior Curmudgeon Cary Consulting Services http://www.caryconsulting.com

Back to: Top of message | Previous page | Main SAS-L page
listserv.uga.edu
Enterprise Information Technology Services
The University of Georgia
listhelp@uga.edu