Articles -> CIM-Data Security Administration

CIM-Data Security Administration

The CIM-Data System is fully compliant with Microsoft security on Windows 2000, XP, and 2003 Servers. The security capabilities are described in the CIM-Data System Administrator Help File.

Since system security is susceptible to hacking by determined users or hackers, ongoing monitoring of a server and network is important. This should be managed by an individual trained and certified in Microsoft security and would require at minimum, a Microsoft MCP designation on one or more of the above operating systems.

The CIM-Data Security setup and maintenance is highly recommended on CIM-Data servers with Terminal Services enabled and on CIM-Data servers that are connected to by users over the Internet. It is also recommended for offices with smaller offices with security concerns. Implementing server security can also help protect against viruses, Trojan horses, worms, and other mal-ware.

CIM-Data Security Features:

1. Database directories and partitions are inaccessible by users and from the network.
2. CIM-Data software and other directories have appropriate security levels applied.
3. Users must belong to designated groups in order to use various CIM-Data utilities.
4. Report files can have up to ten levels of group access applied ranging from access by everyone to only specified users.
5. User directories can be protected or shared, made read-only, etc.
6. Console user has print manager security only, rather than administrator privilege. (Administrators can log on to a terminal service session or as another user on XP).

CIM-Data offers four services to aid in implementing server security:

1. Security Design built in. CIM-Data Release 4.0 has several security features integrated with the software. Special and unusual security problems can be custom designed into the software if needed. The CIM-Data System Administrator Help file describes CIM-Data security and an experienced Microsoft System Administrator can use this as their guide to implementing CIM-Data security.
2. Initial setup of CIM-Data Security on the CIM-Data Server. This involves the initial creation of CIM-Data security accounts and groups; customization of the SetDefaultSecurity batch command file; running the batch file; setting up zFiler shortcuts to use CIM-Data security accounts; setting up security logging; reviewing user security settings at the operating system level with the System Administrator and user security permissions and levels with the System Manager; setup of domain password policies; and explaining the general setup of security to the System Administrator.
3. Ongoing Remote System Administration. This involves monthly review of the security logs and reporting of unusual activity; advice on tracking potential or successful hack attempts; general review of System Accounts at the operating system level; and confirmation that CIM-Data Security is in place. High-speed administrator access to the server via Terminal Services or VPN is required.
4. Training on the setup and maintenance of CIM-Data Security on Microsoft Operating Systems. Trainees must have MCP level certification or appropriate experience in Microsoft operating systems. (usually 2-3 hours).

There is no guarantee that can ensure any system is fully protected. Implementing good security precautions can reduce the likelihood of all but very determined hackers to a small probability.  

CIM-Data Security Setup and Administration is an add-on service to the CIM-Data system and is not included in regular system support. CIM-Data Security does NOT cover general Server Security or administration such as Operating System lock-downs, Active Directory management, etc.

Call CIM-Data and ask for Sales at (905) 624-8300 for Pricing.