0

I have to manage the security of thousands of laptops. Nowadays our laptops have two partitions, C:, hidden to users but accessible and D: where users store documents, images, etc.

Do this separation increase security?

My opinion is that with correct permissions, in Windows, the separation of partitions does not increase security because what is most important are the permissions and the separation of the partitions do nothing.

Can I put everything in C: and mantain the same level of security?

Related: If there is a malicious attack on one partition, is the other one safe?

Eloy Roldán Paredes
  • 1,507
  • 12
  • 25

1 Answers1

3

My opinion is that with correct permissions, in Windows, the separation of partitions does not increase security because what is most important are the permissions and the separation of the partitions do nothing.

You are quite right. Malware is not concerned with partitions, although I recall a few that do. Partitions are just a division of space that makes sense to the user (Docs on D, games on C, etc..).

I must note; this applies to Windows, but in Unix it is well known practice to separate partitions and mount them with special permissions (nodev, nosuid, noexec) and this does increase security.

Yorick de Wid
  • 3,346
  • 14
  • 22