Determining Access Control and Security Requirements

To decide what type of access control and security you need, ask yourself the following questions:

• What type of information will be stored on the server?
• How critical is the privacy of this information to my organization?
• Who does and does not require access to this information?
• Will some information be private and some information public?
• Will some information be shared with people outside of my organization?

Your answers to these questions determine your access control and security requirements.

By default, access control is turned off. Any user can read and post to your server. Open or unrestricted access is common in intranet environments where users are known and trusted. If you require other access control, you must modify the access control settings.

To determine what tasks you must perform to provide the appropriate level of access control for your server, refer to Controlling Access to Your Server.To determine what tasks you must perform to provide the appropriate level of access control for discussion groups, refer to Managing Discussion Groups.

By default, security features are disabled. If you require security, you must modify the security settings. If your network communicates with networks outside of your organization, consider using authentication, encryption, and firewalls. For more information about security, refer to Securing the NetWare News Server.