Novell GROUPWISE 7 Security Policies

XVI

Security Policies

 Chapter 80, “Securing GroupWise Data,” on page 1161

 Chapter 81, “Securing GroupWise Agents,” on page 1163

 Chapter 82, “Securing GroupWise System Access,” on page 1167

 Chapter 83, “Secure Migrations,” on page 1169

novdocx (en) 11 December 2007

XVI

Security Policies

1159

novdocx (en) 11 December 2007

1160 GroupWise 7 Administration Guide

80

Securing GroupWise Data

 Section 80.1, “Limiting Physical Access to GroupWise Servers,” on page 1161

 Section 80.2, “Securing File System Access,” on page 1161

 Section 80.3, “Securing Domains and Post Offices,” on page 1161

80.1 Limiting Physical Access to GroupWise Servers

Servers where GroupWise® data resides should be kept physically secure, where unauthorized
persons cannot gain access to the server consoles.

80.2 Securing File System Access

In ConsoleOne®, Server objects for servers where GroupWise domains, post offices, and agents
reside should be assigned appropriate trustees and rights to prevent access from unauthorized
persons.

novdocx (en) 11 December 2007

80

For additional data security, encrypted file systems should be used on servers where GroupWise
domains, post offices, and agents reside. Only GroupWise administrators should have direct access
to GroupWise data.

80.3 Securing Domains and Post Offices

In ConsoleOne, administrators in addition to the Admin user should be given rights judiciously, as
described in Chapter 75, “GroupWise Administrator Rights,” on page 1135.

The POA should be configured for client/server access, so that GroupWise users do not require any
direct access to any databases in the post office. For more information, see Section 36.2.1, “Using

Client/Server Access to the Post Office,” on page 486.

Securing GroupWise Data

1161

novdocx (en) 11 December 2007

1162 GroupWise 7 Administration Guide