Your space to share ideas and get insight for maximizing productivity using Microsoft products.
Do you ever protect your MS files?
May 18, 2010 at 12:32 pm #100693
Like most people, I have easily produced hundreds of thousands of files using Microsoft Office products.But I have never once used the security features, such as adding a digital signature, encrypting the file or inspecting the document for hidden metadata or personal information.And I can count on one hand the number of times I have received a document with any kind of security options activated.So does anybody use that stuff? I would assume that many people in government do…
May 18, 2010 at 2:50 pm #100711
I routinely put passwords on spreadsheets to prevent others from opening them and getting at sensitive data. But I’m sure many would be well served by simpler instructions/tutorials on the basics of how to encrypt and let others use encrypted docs.
May 20, 2010 at 12:29 pm #100709
Ryan J VearParticipant
I routinely check the metadata on many of my contracting documents after one incident. Contractors will look for any edge they can get, and if you’re compiling questions from multiple contractors onto one document, they can see if you used someone else’s document as a starting point. It can be embarassing explaining why it looks like a competing contractor drafted solicitation documents.
I also protect documents if I’m sending them out and there’s no reason anyone should change them… Just a way to cover myself and others from inadvertant or deliberate tampering; just easier than having to make them into PDF’s.
May 20, 2010 at 12:39 pm #100707
Agreed. I think this is the next step, Wyatt…what kind of training is required to educate people about these features? A self-paced tutorial on MS Office Suite or a full day of security-related training across all potential products where sensitive information may be inadvertantly shared? I’m wondering if any agencies do this routinely…
May 20, 2010 at 12:40 pm #100705
Ha! As a former proposal writer, I wish I would have thought of that trick on all the solicitations we just knew were ‘wired’ for another vendor (and suspected they authored!)
May 20, 2010 at 6:02 pm #100703
Have used various security options for many years now…
Because of the virtual nature of my job, Leave requests, and time keeping have used digital signatures AND PKI to ensure CYA both for the employee and the Supervisor.
For many years I have played a role in access control and encryption has always been required because of the passing of Personal Identifying Information (PII) across the wire.
Will on occasion will protect a spreadsheet, like most, to insure insure reader does NOT mess up the formulas whether inadvertently or otherwise
Because a significant number of the documents I produce are produced by multiple users, prior to making them official documents every effort is made to remove all the metadata from the document, sure has been alot easier of the past 3 or 4 years with this capability built into the MS Office Suite.
Have used various addon’s in the past year or two which will search for and flag PII data to insure that every effort is made to protect this information.
May 20, 2010 at 6:08 pm #100701
Thanks, Henry! Have you seen any good instructions on how to do this stuff? Other than the standard “Help” info? Just curious….
May 27, 2010 at 8:43 pm #100699
Some Federal Agencies have deployed a technology called Windows Rights Management Services (RMS). RMS enables people to rights protect Office documents and Exchange emails. This protection include things like defining who can read a document, preventing it from being forwarded, printed, or even cut-paste and print screen.
May 28, 2010 at 10:22 am #100697
Both the federal organizations that I have worked for have set up formal training for protection of MS office files. When I worked for DOD (Prior to 2004) I conducted a full day class for implementation of Information Assurance which included how-to’s for all the above, Everybody in my division was required to take said course as part of the new employee orientation and I was a add-on to all “internal” MS Office training.
Although it wasn’t terribly cost effective, the majority of this training was conducted in the formal classroom setting
With my new organization, other than being an occasional student I have had no involvement in training. I have taken a couple of MS office courses and both of them included at least an hour on managing Meta Data. As far has other IA training the majority of the training that I am aware of is strictly web based teaching to the lowest denominator
May 28, 2010 at 10:31 am #100695
Have seen the same thing with Adobe files (PDF). Becomes rather awkward when attempting to share data, even internally. MOST users find a way around it because of the less than optimum skills of applying it by MOST users/owners of RMS managed documents
You must be logged in to reply to this topic.