A very closely related topic to NTFS permissions is the securing of SMB shares. While the permission model for shares is much simpler than that of NTFS, it follows the same basic pattern.
There are a growing number of commercial devices that can expose SMB 3.0 shares. They may have some of their own needs. If you own or are planning to own one of these devices, make sure that you work with the manufacturer to properly configure any necessary security settings to satisfy your organizational requirements.
If your SMB 3.0 share is running on a Windows Server 2012 R2 system, remember to disable CIFS/SMB 1.0. We showed you how to do that in Chapter 2, Securing the Host, but it's worth repeating: