Enabling SecurDesk!'s Security Features
The material on this page does not apply to the SecurDesk! LV version. If you are evaluating SecurDesk!, you may wish to print out a copy of this page for reference. A version of this information is also included with SecurDesk!'s printed documentation.
SecurDesk! is intended to be flexible, to give you more options for securing and configuring your systems. This page outlines some, but by no means all, of the ways you might use SecurDesk! in addressing your unique needs. This is a basic outline of steps most users take in setting up their systems. You may not need to implement all of these features, or you may need to modify the setup presented here to take into account special needs. While not difficult to implement, SecurDesk!'s security features are intended for experienced users only. If you are not an experienced user, please consider having an experienced user help you through this process.
Having more options sometimes makes an application seem more complicated to use. We believe that you will find that in actual use, the process has been simplified by grouping controls for similar functions. The end of the process will give you a system which makes it very easy for users and trainees to access; can allow multiple users to use a single computer with separate logons and permissions; works across Windows 3.1, 3.11, Windows 95 and NT systems; and significantly improves your security.
The security access settings (which control which programs, files and functions may be accessed, by whom and when) are specified in SecurDesk!’s Administration Manager (ADMAN.EXE which is placed by default in SecurDesk!’s main directory). Following are some specific items which are usually set up using the Administration Manager:
the Administration Manager's screen
Group Profile Page
The first tabbed page of the Administration Manager is the Group Profiles page. These settings are used to add users to your system, create levels of security access clearance, and assign users to these levels. The Enable Security checkbox on this page is the master control which activates the security measures you specify.
- Assign an Administrator
Designate a person (or persons) who will administer the system. Use the "+" button at the top of the Users column to add a name and password for the person(s) who will control security. Drag this name onto the "Administrator" item in the Group Title section to designate the administrator. The "Administrator" group has a security clearance level of 1000, which normally gives access to all features and controls.
- Specify the Users
Use the "+" button to add names and login passwords for each person who has access to the system. If the system is attached to a network, you may wish to use the same password for the user as he/she uses as a network Login.
- Assign Security Access Levels
Use the "+" button at the top of the Group Profile column to create access levels. Assign a name to the group, then assign a number in the Security Level field. Generally, the lower the Security Level number, the more restrictive the access. If you leave the Allow access to lower levels box unchecked, users in the current group will be restricted to only those items allowed for the security level clearance number you specified.
User Profile Page
The User Profile page contains options which allow you to restrict access privileges for individual users to certain hours and/or to certain days of the week.
You may also automatically expire an individual’s password on a certain date (e.g., for temporary help, or to require a user to request a new password for a future log-in).
Desktop Profile Page
Use the options on the Desktop Profile page to restrict access to making changes to the desktop’s setup; to automatically require a new password (login) if the system is idle for a few minutes (e.g., to help prevent a user from leaving the system unmanned without logging-off, thus allowing someone else to access it using the first user’s identity), to track system use with SecurDesk!’s Usage Log feature, and to disable certain keyboard combinations which can present a security risk in some situations.
Directory Profile Page
The Directory Profile page allows you to hide directory folders on the system from lower-level users. Simply highlight the directory folder which you wish to be hidden, then use the Directory Information box to specify the security level which is required to view this folder.
You may also use the field at the top of the page to specify a location on your system for SecurDesk! to use when storing the permissions file.
Encryption Page
Particularly sensitive items (such as patient records, restricted databases, certain programs, etc.) may be encrypted to prevent anyone from reading them.
The version for sale in the U.S. and Canada allows for strong encryption methods (Blowfish, Defense Encryption Standard, Block Cipher, Quick Cipher and Triple Defense Encryption Standard) which are nearly impossible to break, even with the help of a supercomputer. We place an alternative encryption method into the trial version and into versions shipped outside the United States and Canada, to comply with laws restricting the export and importation of such technology.
- Automatic Unencryption
The way SecurDesk! works with encrypted files is, that whenever a user logs-on to the system with a valid password, any encrypted files to which he/she is allowed access are automatically unencrypted. When the user logs-off, or when the system is shut down, the files are re-encrypted.
- Specify which Files to Encrypt
Use the "+" button to select a file to encrypt, then assign a Password key (used to produce the encrypted file) and a Security Level which will have access to this file. Note: you must assign at least a password.
Limit Features Page
Use the functions on the Limit Features page to hide drives and file types from users. In the columns on the right side, simply click on a drive or file type, and then assign the Security Level required to view it.
In the column on the left side, you may also limit access to sensitive SecurDesk! File Manager functions (such as formatting the hard disk or viewing hidden files). Click on the function to limit, then assign the Security Level required to use this function.
Other SecurDesk! topics:
