4

We have a shared network drive that is mapped, and when we open certain files we get a dialog like enter image description here

I found this site which explains that adding the network path to Local Intranet trusted sites for all users allows opening of such files without the Warning.

A colleague is concerned that this opens us up to security risks, but currently, a user would just click run or open in the dialog box and the files in question would run or open.

What security risks does putting the drive into the local intranet sites open us up to if any? Is it safe to do this or a bad idea?

Edit: I found some superuser questions with answers saying to do this but no discussion of risks

hellyale
  • 143
  • 1
  • 1
  • 6
  • Thanks for the solution link. My guest only samba once stops trusting the self compiled files. It's realy stupid to go to the internet explorer to local only server as secure. – ego2dot0 Apr 12 '21 at 04:42

2 Answers2

3

This error dialog is there to make users aware of the potentially dangerous source from where the file comes.

When you say

[B]ut currently, a user would just click run or open in the dialog box and the files in question would run or open.

this defies the reason for that warning to appear, so adding this as a trusted source is not decreasing security if what you say is true for all users.

Nonetheless, there are some assumptions that come with your setup:

  • all people with access are trustworthy and
  • the fileserver is sufficiently secured

If a rogue employee drops malicious code, no one gets a warning beforehand, so users might be inclined to execute macros, for example.

If an external attacker gains access to this file server (for example pivoting from an compromised endpoint), this would defy network segregation if the fileserver serves multiple segments (for example because it is the share for exchange between divisions).

Additionally, there might be implications for the endpoint security solution you are using - a trusted source might not be scanned. This depends on the actual product and settings, though.

You might also want to consider not having the share active all the time to contain ransomware damages to the local, infected, endpoint - even with a good backup strategy, there is cost to restoring from a backup.

Xiong Chiamiov
  • 9,384
  • 2
  • 34
  • 76
Tobi Nary
  • 14,302
  • 8
  • 43
  • 58
1

There is always some level of risk with trusting a system, but in this case, you presumably have control over the server and its contents so that there shouldn't be any compromised files there. It does make it easier for a compromise to spread through your system in an automated way, but that's likely a relatively small concern relative to the security risk of NOT trusting the server.

As you've said, having to bypass the security check for files from the server has resulted in users automatically approving the file to be opened without thinking about it. This is FAR riskier behavior. How many users would notice if the path of the file was from the web instead of a the network share? They would end up bypassing the check on files that actually shouldn't be trusted and make themselves much more vulnerable to attack.

Trusting the share opens up for an automated spread of malware internally to be a little bit more likely (but virus scanners and network defenses hopefully are helping limit this exposure), but it prevents constant bad user behavior of opening untrusted files without thinking about it. An ignored warning is a useless warning, and warnings being ignored is a security threat itself.

AJ Henderson
  • 41,816
  • 5
  • 63
  • 110