Create a Security Lockdown Policy

Sensitive data should be accessible on a “need to know” basis, meaning that only a limited set of individuals, based on their roles, should have access to this sensitive data. Furthermore, Data Owners, those most familiar with the sensitivity of the data and who should have access to it, should be empowered to be the ultimate decision makers.

Once you have established the proper access permissions for a high-value target, you can establish the baseline of access permissions for the target path that will be strictly enforced through a Lockdown policy. When unauthorized access permission changes are made to the target path or its subfolders, the new permissions are removed and the permissions specified in the Lockdown policy are restored.