Strategies for Establishing Access to Data Resources for Authorized Personnel

To make the management of information on a network a feasible task, administrators should work with employees to determine which information is commonly accessed by specific groups of employees, and then place those relevant files into a directory structure that can be logically accessed. It would make sense to place all manufacturing documents in the same location, inventory control in another location, and payroll information in its own directory. Once the directories are identified and populated, users should be granted permission only to those resources to which they require access for the execution of their job duties.

When configuring user permissions and access controls on a network, it is important to group employees together in domain user groups with other people who require access to the same information. By doing so, you can apply permissions for that group directly to the resources to which they need access. In a normal setting, it is best to grant permissions in a restrictive setting, meaning that by default no one has access to any resource until their account or user group is granted explicit permission to that resource. Once the initial groups are set up, and permissions are applied to the resources by the user group, it becomes much easier to modify who has access to those resources by simply…