A number of methods are used to protect important files. By important files, we mean such files as config.sys, autoexec.bat and other central configuration files. If a configuration file is changed by an unauthorized user, the authorized user must be informed of this when he or she logs on. A checksum is used for this purpose. It should be possible to configure the feature so that only the system administrator is able to log on after changes are detected in the checksums of specified files. There are two methods in widespread use for protecting files. The first is to set the DOS attributes of the files (read - archive - write, etc.). This is effective if the access control product is able to ensure that the user cannot change the attributes. The second method is to keep critical files open in the mode required. Certain files can therefore have read access and write access, or be hidden with neither read nor write access.
If the above options do not provide enough security for you, download Access manager for Windows.
Access manager provides much more security than standard ways in Windows.
More articles about Security