CSSCurrent en:Security Audit

Aus Cryptshare Documentation
Wechseln zu:Navigation, Suche


To ensure a smooth and secure operation we recommend to perform a security audit of the Cryptshare server at regular intervals. This is to ensure that the Cryptshare server application and the confidential information it hosts are located in a server environment that is exposed to as few risks as possible.


In accordance with the Least Privilege principle, access to systems and directories should be restricted as much as possible:

  • Only as many people should be granted access to the Cryptshare server as is absolutely necessary for its operation.
  • Read access to the directories used by Cryptshare (see article Default Installation Paths) should be limited
    • to the users root and csuser and the group csgroup on Linux
    • and on Windows to administrator users.
  • Virtual appliances should be configured so that the Cryptshare directories are not accessible via the administration console or by accessing the virtual hard disk.