We have some sensitive documents on a windows 2008 R2 file server. They aren't held within a "shared" folder, and can only be accessed via the server itself, i.e. local console access or remote desktop.
However the directory ACL does allow access to builtin\users group, which from what I can gather on member servers includes domain users group. As it isn't a shared folder, and those with OS level access with be trusted admins only - is there any risk? I wasn't
sure of any other techniques/services users may try to get access to the data if it isn't a share or they don't have OS access (either local or via remote desktop software), as they cant just map the directory. I am pretty sure unless its a share you cant
just map access to this folder from your PC.
I didnt know if there were any other drivers/services that may be used to get file system access to the server, and then if the documents are accessible (via the ACL) to your domain account you may still have access to the docs. any views on this most welcome