

Use File Permissions to Protect Event Data and Document Fingerprints

We recommend that you limit user access to event data held in the local endpoint agent database, and to email or web page content in blob files held below the CA Data Protection data folder. You should also prevent unauthorized users from tampering with, for example, the document fingerprints stored in content index files in the "C:\ProgramData\CA\CA Data Protection\data\PRC\IndexCache" folder.

By default, the CA Data Protection software and data are in some of the following folders, depending on your operating system:

C:\Program Files\CA\CA Data Protection\
C:\Program Files (x86)\CA\CA Data Protection\
C:\ProgramData\CA\CA Data Protection\data\
C:\Documents and Settings\All Users\Application Data\CA\CA Data Protection\

Note: On an NTFS volume, the "CA" folders typically inherit attributes and permissions from their parent folders. The default file system privileges provide basic protection because users require administrator privileges to modify files in these folders.

Follow these steps:

  1. Change the folder attributes of all "CA" folders to System and Hidden where necessary.

    These attributes hide the CA Data Protection software and data files from users in default folder views. They do not restrict access, so also complete the following steps.

  2. Reduce user permissions to the "C:\ProgramData\CA\CA DataMinder\data" folder.
  3. Reduce user permissions to the "C:\Documents and Settings\All Users\Application Data\CA\CA DataMinder\" folder.

Important: Ensure that the account under which the CA Data Protection infrastructure service runs (typically LocalSystem) retains full access to all CA Data Protection folders!
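
One way to carry out steps 1 to 3 from an elevated PowerShell session, shown as an added example rather than vendor-supplied code. It assumes that only LocalSystem and the local Administrators group should keep access; if the infrastructure service runs under a different account, add that account's SID to `$keepSids` before running it.

```powershell
# Added example, not vendor code. Run from an elevated PowerShell session.
# Paths are the two folders named in steps 2 and 3 (trailing backslash dropped
# so the quoted argument reaches attrib/icacls intact).
$folders = @(
    'C:\ProgramData\CA\CA DataMinder\data',
    'C:\Documents and Settings\All Users\Application Data\CA\CA DataMinder'
)

# Assumption: only these principals keep access. Well-known SIDs are used so
# the script also works on localized Windows builds.
$keepSids = @(
    'S-1-5-18',      # LocalSystem (typical infrastructure service account)
    'S-1-5-32-544'   # BUILTIN\Administrators
)
# (OI)(CI)F = Full control, inherited by files and subfolders.
$grants = $keepSids | ForEach-Object { "*${_}:(OI)(CI)F" }

foreach ($folder in $folders) {
    if (-not (Test-Path -LiteralPath $folder -PathType Container)) {
        Write-Warning "Skipping (not present on this OS): $folder"
        continue
    }

    # Step 1: set the System and Hidden attributes on the folder itself.
    attrib.exe +s +h $folder

    # Steps 2-3: drop ACEs inherited from the parent, then set explicit grants.
    icacls.exe $folder /inheritance:r /grant:r $grants | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Error "icacls failed on $folder (exit code $LASTEXITCODE)"
        continue
    }

    # Check: list any remaining ACE for a principal outside the keep list,
    # for example an explicit (non-inherited) grant to Users.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $extra = (Get-Acl -LiteralPath $folder).GetAccessRules($true, $true, $sidType) |
        Where-Object { $_.IdentityReference.Value -notin $keepSids }

    if ($extra) {
        Write-Warning "Unexpected ACEs remain on ${folder}:"
        $extra | Format-Table IdentityReference, FileSystemRights, AccessControlType
    } else {
        Write-Output "OK: $folder restricted to $($keepSids -join ', ')"
    }
}
```

Files and subfolders that inherit from these folders pick up the new grants automatically; any child with its own protected ACL is left unchanged and should be reviewed separately.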