I'm a software developer who was given the responsibility to suggest a solution for our client that involves infrastructure.

Basically, our project consists of two pieces of software for the audit department. Right now they're connected to the company's network.

They want it to be impossible for anyone from the company to intercept, read or do anything with information they will exchange and manipulate. I understand that once our software is deployed onto one of the company's servers, theoretically one of the administrators would be able to access the information (database, root drives, etc).

Given that I'm not an infrastructure person, the solution I came up with so far would require them to create their own datacenter, on a different domain, and then have a connection between the two networks so that the existing one can still provide internet access to the new one through a proxy server.

This, however, seems like way too much effort.

I just wanted to point out that they also require backup and replication data from their department to be kept away from the rest of the company. So, I'm thinking they'll need to invest in a couple of servers anyway.

But at the same time, I also believe that those servers don't really need to be domain controllers, or do they?

Is it possible to be inside of one domain and still keep information from the domain administrators? I would prefer not to mess with creating and maintaining a new domain.

Is there a better way to achieve their goal? They use Windows Server there if it makes any difference.

Rodrigo Lira
  • See also: [Protect files on NTFS volume from Domain Administrators](http://serverfault.com/questions/387651/protect-files-on-ntfs-volume-from-domain-administrators). [Protecting my files from root](http://serverfault.com/questions/70319). [Can user protect his files from untrusted administrator](http://serverfault.com/q/383503/33417)? [Steps to take to protect against the “unthinkable”](http://serverfault.com/questions/79308/steps-to-take-to-protect-against-the-unthinkable). [Windows: How to “hide” domain details from (domain) administrator](http://serverfault.com/questions/374433)? – Chris S Apr 17 '13 at 16:02
  • "They want it to be impossible for anyone from the company to intercept, read or do anything with information they will exchange and manipulate" - one has to ask whether they trust themselves even. – dunxd Apr 18 '13 at 14:31

1 Answer

  1. One server or workstation

  2. Leave the server/workstation as a standalone server/workstation. No need to join the client domain or to create a separate domain.

  3. Assign an IP address to the server/workstation allocated from the client network.

  4. Have the client create a user account in the client domain that has the appropriate rights and permissions to perform the audits.

  5. Configure your software to use this user account.

  6. Done.

The administrators in the client domain will not be able to log on to the audit server/workstation because it's not joined to the client domain and they won't have a valid username or password for the audit server/workstation. The audit server/workstation will be able to access the client domain by way of the user account created in the client domain for performing the audit.

Now, whether or not you can configure your software to use a user account in the client domain is a question only you can answer.

joeqwerty
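One way to check that a host matches the standalone setup described in the answer above, as an added example that is not part of the original answer: it reports whether the machine is domain-joined and whether any non-local principal sits in the built-in Administrators group. The function name `Test-AuditHostIsolation` and the sample host and domain names are hypothetical; `PrincipalSource` is assumed to be populated (Windows Server 2016 or later).

```powershell
# Added example: verifies the "standalone, not domain-joined" audit host setup.
function Test-AuditHostIsolation {
    param(
        # Object exposing PartOfDomain and Domain (e.g. Win32_ComputerSystem).
        [Parameter(Mandatory)] $ComputerSystem,
        # Members of the local Administrators group (Name, PrincipalSource).
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $AdminMembers
    )
    $findings = @()
    if ($ComputerSystem.PartOfDomain) {
        # Joining a domain adds Domain Admins to the local Administrators group.
        $findings += "Host is joined to domain '$($ComputerSystem.Domain)'."
    }
    foreach ($m in $AdminMembers) {
        # Anything not sourced from the local account database is unexpected here.
        if ("$($m.PrincipalSource)" -ne 'Local') {
            $findings += "Non-local admin: $($m.Name) [$($m.PrincipalSource)]"
        }
    }
    [pscustomobject]@{
        Isolated = ($findings.Count -eq 0)
        Findings = $findings
    }
}

# Constructed sample (made-up names): a host that was joined to a domain.
$sampleCs = [pscustomobject]@{ PartOfDomain = $true; Domain = 'corp.example' }
$sampleAdmins = @(
    [pscustomobject]@{ Name = 'AUDIT01\Administrator'; PrincipalSource = 'Local' },
    [pscustomobject]@{ Name = 'CORP\Domain Admins'; PrincipalSource = 'ActiveDirectory' }
)
Test-AuditHostIsolation -ComputerSystem $sampleCs -AdminMembers $sampleAdmins |
    Format-List

# Live check on the audit server itself (Windows, elevated prompt).
if ($env:OS -eq 'Windows_NT') {
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    # S-1-5-32-544 is the built-in Administrators group, whatever the locale.
    $admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544')
    Test-AuditHostIsolation -ComputerSystem $cs -AdminMembers $admins |
        Format-List
}
```

On the constructed sample the result has `Isolated` set to false with two findings; a host set up as in steps 1 to 3 should return `Isolated` true with no findings.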