A couple options come to mind:
1) use NT security to only provide "write" access for these global files to the appropriate individuals
2) Use a Copy Files Action and the suggestions
here to copy the common global file(s) to a temp (local) location then load them from that alternate location at the start of every build. Then changes will only be persisted to the temp copy and not the global master(s)...