Did you know that operating systems provide a way to protect directories, folders, and files through lists of users and user groups that have permission to access these resources. Attributes can also be associated with directories, folders, and files to manage access and support the creation of backups.
How do you do this?
It’s Easy! You create groups with a set of criteria that manages what the individuals are allowed to see, edit, delete or view. When lists are used to manage these resources, a user’s access may be limited to only scanning files in a directory or folder, or to reading the contents of only specific files; or, users may be granted permission to modify data and create new files. In some operating systems, an access list is created to specifically deny a group of users all access to a specific file, folder, or directory. Another use of a list is to specify an owner of a directory, folder, or file. Typically, the owner has the ability to manage the list of those who can use these resources.
By adding individuals to a group makes this process easier. For example, the organization has a group of individuals that has the same security access such as accounting information access. By defining the group not the individual, each time there is a change in staff you just add or delete the individual from the group. Security access is then set up for the group, instead of for each account or individual.
User groupings and permission access folders can save a significant amount of time where there are tens or hundreds of accounts to manage. For example, if 42 accounts all need full access to a folder, it is easier to create a group, add each account to the group, and give the group full access. The more time-consuming method would be to set up access permissions on individual accounts, repeating the same steps 42 times. An obvious risk is that the permissions given to one group also inappropriately apply to the other.
The reason we use computers is that they provide information resources. We access this information through a structure of directories, folders, and files. Managing these resources is a balance between providing the right amount of access for those entitled to use them, and preventing unauthorized access. Some users only need enough access to read or view information, while others need full access to change or manage it.
On the other side of the spectrum, there are always intruders who would like to gain access to information, such as social security numbers or accounting data, in order to misuse it. Those entrusted with managing data must use operating system tools to fine-tune access to directories, folders, and files for all kinds of uses, while building in appropriate protections.
Windows products all use attributes and permissions to control access to folders and files. The specific attributes and permissions are related to the file system used with the operating system. Below is a sample chart of how these permission can be set up.