10 Minute Guide to Lotus Notes Mail 4.5
- 22 -
Understanding Security
In this lesson, you learn about the Access Control List and how it affects you. You also learn how encryption and signatures protect your documents.
Passwords
Your first line of defense in keeping your system and mail secure from unauthorized people is your password. When you access the Lotus Notes server the first time you start Notes, you see a prompt asking you to enter your password. You won't see what you are typing, but then neither can anyone else.
Your password can be any combination of keyboard characters, as long as the first character is a letter of the alphabet. Make your password at least eight characters long, and remember that passwords are case-sensitive. The password "INFONUT" is different than the password "infonut."
You can change your password at any time:
- 1. Choose File, Tools, User ID from the menu (see Figure 22.1).
Figure 22.1
The User ID dialog box.
- 2. Enter your current password if you are
asked and then click OK.
- 3. Click the Set Password button.
- 4. Enter your new password.
- 5. Click OK.
- 6. Type the password again, exactly as you did the first time, to confirm it.
- 7. Click OK.
- 8. Click Done.
- 3. Click the Set Password button.
The user ID is a file created when the Notes administrator first registers you as a user. When you start up Lotus Notes on your computer for the first time, that file transfers to your computer and by default is placed in the \Notes\Data directory or folder. You want to be careful to protect that file, since someone else could use it to pretend to be you on the Lotus Notes network. If your computer operating system is password protected, that may be enough. But if your computer is accessible to several people, you might want to move it out of your computer onto a floppy disk for safekeeping. If you ever suspect it is lost (along with your stolen laptop), you should report it to the Notes administrator.
The Access Control List
Lotus Notes has several features designed to limit access to documents, views, databases, or servers. For example, only authorized personnel are permitted to delete databases from the server, design applications, open certain documents, or read designated fields. The Notes administrator or the Application Designer controls most of this. What you are authorized to do depends on your status in the Access Control List.
To
find your level of access for a particular database, click the database icon to select
it; then click the Access Key button on the status bar.
A dialog box appears that tells you what your access is (see Figure 22.2). To see
your access, highlight your name in the list box.
Figure 22.2
The Groups and Roles dialog box.
You may be granted any one of seven levels of access to a database:
- No Access Denies you access to the database. You can't read any of the
documents in the database and you can't create new documents. In fact, you cannot
add the database icon to your workspace if you have do not have access.
- Depositor You can create documents but can't read any of the documents
in the database--including the ones you create yourself. You might be granted this
access level to cast a ballot in a voting database, for example.
- Reader You can read the documents in the database, but you can't create
or edit documents. You might have this level of access to a company policy database,
so you can read policies but can't create or change them.
- Author As an author, you can create documents and edit your own documents.
However, you can't edit documents created by others even though you can read them.
- Editor You can do everything an author does, plus you can edit documents
submitted by others. A manager who approves the expense reports submitted by others
needs editor access to those documents.
- Designer A designer can do everything an editor does, but can also create
or change any design elements of the database. In order to create a new call report
database in Notes, for instance, you would have to be a designer.
- Manager Can access everything a designer can. A manager can also assign and modify the access control list (ACL), modify replication settings, and delete a database from the server.
You will probably have at least reader access to the Public Address Book, while you have manager access to your personal address book. It's wise to limit the number of people who can modify the Public Address Book, so everyone in the company is properly listed and no one is accidentally deleted. However, you can do whatever you like to your own Personal Address Book because you aren't sharing it with anyone.
Encryption
When you want to keep your mail private, encrypt it. Encrypting scrambles your message so it can only be read by the person receiving it.
Each Lotus Notes user has a unique private and public key that Notes stores as part of the ID file. The public key is also stored in the person document for each user in the Public Address Book. When someone sends you a mail message and chooses to encrypt it, Notes uses your public key from the Public Address Book to encrypt the message. Now, no one but you can read it. At the delivery end, Notes uses your private key from your ID file to decrypt the message so you can read it.
To encrypt a mail message:
- 1. Create the memo.
- 2. Click the Delivery Options button on the Action bar. The Delivery Options dialog box appears (see Figure 22.3).
Figure 22.3
The Delivery Options dialog box.
- 3. Check Encrypt.
- 4. Click OK.
To encrypt all the mail messages you send:
- 1. Choose File,
Tools, User Preferences.
- 2. In the User Preferences dialog box (see Figure 22.4), click the Mail icon.
Figure 22.4
User Preferences with Mail selected.
- 3. Check Encrypt sent
mail.
- 4. Click OK.
If you want to encrypt all the mail that comes to you:
- 1. From the workspace, double-click the icon
for your Public Address Book to open it.
- 2. Double-click the People folder to open it.
- 3. Open the document that shows your name (your person document).
- 4. Choose Actions, Edit Person.
- 5. In Encrypt Incoming Mail, enter Yes.
- 6. Save and close the document.
- 7. Close the Public Address Book.
- 2. Double-click the People folder to open it.
Panic Button: Can't Save Your Person Document? If you can't save the document or you can't make the change, you'll have to ask your Notes administrator to do it for you. You may not have sufficient access to the Public Address Book to make modifications, not even to your own person document.
Signatures
When you want the recipient of your mail message to know that it is coming from you, add a digital signature to your message to let your recipient know that no one has tampered with your message. Even if someone obtains a copy of your Notes user ID file, that person cannot forge your signature with it.
To sign an individual message:
- 1. Create a memo.
- 2. Click the Delivery Options button on the Action bar.
- 3. The Delivery Options dialog box appears (see Figure 22.3).
- 4. Check Sign.
- 5. Click OK.
- 2. Click the Delivery Options button on the Action bar.
If you want to add a signature to all your messages:
- 1. Choose File,
Tools, User Preferences.
- 2. Click the Mail icon (see Figure 22.4).
- 3. Check Sign sent mail.
- 4. Click OK.
- 2. Click the Mail icon (see Figure 22.4).
In this lesson, you learned about Lotus Notes security and how to secure your own mail by using encryption and signatures. In the next lesson, you learn about setting up Notes for use outside the office.
©Copyright, Macmillan Computer Publishing. All rights reserved.