Expand your file-protection options via Microsoft Office 2007's Trust Center
The most recent version of the popular Office applications centralize security options and add a few new wrinkles.
One of the most notable additions to Microsoft's 2007 Office System was the Trust Center, which centralizes the security options in Word, Excel, Outlook, PowerPoint, and the other applications in the suite. Of course, this being Office, it figures that many of the most important security features--including the new Document Inspector--also reside elsewhere.
To open the Trust Center in the 2007 versions of Word, Excel, PowerPoint, and Access, click the Office button, select the Options button at the bottom-right of the window, choose Trust Center in the left pane, and click the Trust Center Settings button in the right pane. In Outlook 2007 and Publisher 2007, click Tools > Trust Center.
The security options presented in the Trust Center vary from program to program, but you'll likely want to start by clicking the Privacy Options button. The third and fifth options under Privacy Settings in the right window are checked by default: Download a file periodically that helps determine system problems; and Check Microsoft Office documents that are from or link to suspicious Web sites (this last option is missing in Outlook 2007).
The 2007 versions of Word, Excel, PowerPoint, and Publisher list an option to remove personal information from file properties on save (this may be grayed out), as well as a Document Inspector button, which searches the file for comments, revisions, and hidden metadata. You can also access the Document Inspector in Word 2007, Excel 2007, and PowerPoint 2007 by clicking the Office button and choosing Prepare > Inspect Document.
Listed under the Trusted Publishers tab are the companies and organizations whose macros and add-ins have an approved digital signature. With Office 2007's default security settings selected, you see a warning in the Message Bar at the top of the file window whenever a macro or add-in from an entity not on this list tries to run. Click the Options button on the bar to open the Security Options dialog box, which provides information on the blocked content. Here you can choose to let the add-in run, trust all files from the publisher, or block it (the default setting). You can also click Show Signature Details to view more information.
You can also choose to allow all files from specific folders or other locations to open with no security warnings. Just click the Add new location button in the Trusted Locations window and enter the folder or network path, if you check "Allow Trusted Locations on my network (not recommended)" at the bottom of the window. Microsoft warns against enabling this option for a reason: It provides malicious VBA scripts entering via this location unfettered access to your applications, where they can wreak all sorts of havoc.
The other Trust Center Settings tabs let you disable all add-ins, or adjust your macro and ActiveX settings. The default settings meet the needs of most users: "Prompt me before enabling all controls with minimal restrictions" for ActiveX, and "Disable all macros with notification" ("Warnings for signed macros; all unsigned macros are disabled" in Outlook 2007).
Outlook 2007 adds the E-mail Security dialog box, where you can choose to encrypt outgoing messages and attachments, and to read your incoming mail as plain text rather than as HTML. This option helps prevent malicious content in a message from running automatically (see), and you can view the HTML version of messages from people you trust by clicking the warning at the top of the of the window and choosing Display as HTML.
Many of the permission-restricting options in Office 2007 apps require Microsoft's Information Rights Management/Windows Rights Management Services, but you can limit who can read and work on your files without these services in Word 2007 by clicking Review > Protect Document > Restrict Formatting and Editing. In Excel 2007, click Review and choose one of the "Protect" options in the Changes area of the ribbon. You can restrict the Word styles that can be used, or password-protect the file, though the user-authentication options once again require IRM/WRMS. You can also assign a password to a file in Word, Excel, and PowerPoint by clicking the Office button, choosing Save As, clicking Tools at the bottom of the Save As dialog box, choosing General Options in the drop-down menu, entering the password, and clicking OK.
Tomorrow: keep your passwords in order, with or without a password manager.