Suposse I have a doc lib and I want that files in my library could only seen by me.
No access to farm admin
No access by web services
Any ideas?
there is no way to prvent him from accessing data. What we have in our environment is called separation of duties.
All Services Accounts password handled/maintained by the Windows Server Team, when SharePoint Team want some things to do on SharePoint server, they give us the session and login with the services account( that way we don’t know password).Â
also we have custom auditing for Central admin, which reads from ULS and IIS logs daily then generate an xml file. which tells our boss which ID access the critical area of the CA i.e changing the Site collection administrator, adding/removing the User from Policy for Web app or performing any backup etc.
other than that they get a signed paper that we will not access the confidential data without proper approval.
hope this help!
