File Security

The first line of defense for protecting the data stored on your Windows NT server is adequate file security. File security is the primary defense against disclosure of information, one of the three basic security threats. Windows NT has an advanced file system that provides strong security, but to take advantage of this security you must use it.

The first step in securing your file system is to make sure that you use NTFS on your server. For compatibility with other, and older, Microsoft operating systems, Windows NT offers the FAT filesystem. Don’t use FAT if you are concerned about security. It provides no real security. To secure your file system use NTFS.

The only disadvantage of NTFS is that it is not compatible with other Microsoft operating systems. Backward compatibility was a major marketing issue for Windows NT when it was introduced. Microsoft provided the Windows NT boot manager so that a Windows NT system could be dual-booted, in other words, booted under either Windows NT or Windows. At the time Windows meant Windows 3.1, but it later came to mean Windows 95, and now means Windows 98 as well.

Backward compatibility has little use on a Windows NT server supporting a secure network. A real network server runs 24 hours-a-day, 7 days-a-week. It is rarely taken offline so someone can run Windows 95 on it.[45] For this reason, the disadvantage of NTFS is no real disadvantage for a server. Install your Windows NT server using NTFS.

NTFS Security

NTFS permissions ...

Get Windows NT TCP/IP Network Administration now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.