Protect mail boxes (messages) from administrator access

HCL Domino Domino Forum
1

Hello,

Is it possible to completely protect user messages from Administrator access?

In my opinion it is not possible or very difficult to make.

Domino environment is complex - Notes Clients roaming, iNotes, Traveler.

Few users would like to have sure that administrators will not have access to their mail boxes and messages content.

Users are sending both internal and external messages.

I thought about encryption fe. Notes Encryption or / and S/MIME but - where to store public key? Administrator has access to roaming files so keeping it in names.nsf is not an option.

Thank you in advance for any help.

Maurice G.

2

Subject: Re; Some questions

Hello Maurice!

From Domino side, technically it is possible! But it is not recommended.

I have some questions to you:

  • How to make a troubleshooting, if necessary, with no access to databases?
  • Has the administrators access physically on servers that these database resides?
  • Has the administrators access on backup copy to make a new copy locally and access these databases?
  • Has the administrators access on ID Vault (if used) or some repository of IDs with a standard password and/or access to recover a password?
  • With access to create new users, the administrators could create a new one with full access.
  • If administrators has access on Domino configurations, could create a configuration of Journal to “create a copy” of all messages that wants.

And many other possibilities.

Best regards!

Rodrigo de San Vicente

3

Subject: Response

Domino is based on a model with trusted administrators. Most things that you could do to prevent an admin from having access would also then prevent the admin from fixing an issue should one arise. Is there a particular reason why you don’t want the admin to have access?