Security and Privacy for Microsoft Office 2010 Users

Everyone working with MS Office documents that are shared with anyone else should read this book.

My Rating: yesyesyesyesno





Security is perhaps the furthest thing from the thoughts of most people writing word documents and creating spreadsheets and slideshows. It is however something that impacts quite dramatically on them probably in ways that they will not expect. Just knowing that this book exists may change that perception and at least get people thinking about the security of their documents. Actually reading the book even for those still using an older version of Office will make these issues even clearer and may even be the factor that results in a decision to upgrade.

MS Office has had security issues ever since it became possible to share the actual documents themselves rather than the one person creating and printing it. With Office 2010 Microsoft has implemented fixes for most of these issues. In this book the author both explains what the various issues are and also how Office 2010 provides a way to resolve them.

The book covers security both from the viewpoint of those receiving a document so as to ensure that if it does contain anything harmful that it is prevented as much as possible from doing harm and also from the viewpoint of those who created the document in removing private information from the document before sending it, signing the document to make it obvious if someone else has changed it, and encrypting the document to restrict who has access to do what with the document.

Macro viruses are probably the security issue that Office users are most likely to be aware of if they are aware of any of the security issues in Office and the new features of Office 2010 that help to protect against such viruses are dealt with before moving on to deal with the other security issues that the reader is less likely to be aware of.

The book doesn't go into a great amount of detail as to why a lot of the information associated with documents needs to be removed prior to sending them to someone else. It could perhaps have given more examples of why not removing that information can be a bad idea. One such real life example from a few years ago was on a web site that contained research into smoking where the information that someone neglected to remove from the documents identified people working for cigarette companies as the original source of the documents. Another example is where the same document is to be sent to a number of different people where you don't want them to know who else has seen it - there have been cases of people sending out their CV to a number of employment agencies where the person at the agency is able to tell which other agencies you sent it to before you sent it to them.

The book does an excellent job of describing how Office 2010 has implemented features to remove some of the issues with people being able to amend documents you send them. What it doesn't cover is how signing the document doesn't provide complete protection against tampering. There is nothing in that facility that would prevent someone changing the document and then printing the changed version. The security measures that digitally signing a document provides does not carry over to print unless the person is also prevented from making any changes to the document at all. Of course encrypting the document and restricting what can be updated (as described in the last chapter) goes part way to resolving this issue so implementing everything the book describes does provide a solution to this issue but the book itself doesn't directly cover it.

For the typical MS Office user this book provides a lot of useful information on the security issues associated with the documents, spreadsheets, and slideshows that they are producing and how to resolve those issues using Office 2010. For those responsible for implementing the security policy the book provides a single source on what security measures are available in Office 2010 and how they can be used. Anyone who reads this book will be better placed to take the necessary responsibility for the security of their documents.

More Information from the Publisher

go to top

FaceBook Follow
Twitter Follow