Microsoft helps firms secure Office 2007

Microsoft helps firms secure Office 2007

Office 2007 Security Guide automates security settings through Active Directory

Microsoft is scheduled to release a tool and documentation that helps businesses to better tweak the security settings of Office 2007.

The Office 2007 Security Guide is slated for on Tuedsay at the Microsoft TechEd conference in Barcelona. In addition to detailed documentation of the security settings that are available in Office 2007, the programme also offers a Group Policy Object Accelerator, a free tool that allows administrators to change and set security policies across users through Active Directory.

Where previous versions of Microsoft Office allowed users to apply broad ranging security settings, Office 2007 introduced features that can be controlled at a granular level. The application offers 1,500 settings, 300 of which relate to security.

In previous versions of Office, administrators could enable or disable macros. Macros are considered a potential security risk, but many firms rely on them to automate tasks.

Office 2007 therefore supports trusted folders, where administrators can place documents that are pre-approved to be use macros. Or they can allow macros in Excel only, or for employees in a certain group.

Administrators or security architects can also block access to certain web services. Office 2007 for instance offers an automated translation tool that relies on internet access, and therefore could be perceived as privacy risk.

"The idea is to make security approachable to everyone," Joshua Edwards, technical product manager for Microsoft Office said.

"It is hard to configure what you are not aware of. It's about understanding what your options are and how you can implement those together."

The Group Policy Object Accelerator offers two choices of basic settings that are based on common security situations. The Enterprise Client settings will appeal to most businesses, while highly secure operations are expected to go for the so-called Specialized Security Limited Functionality settings.

Users seeking even more granular control can dive in even deeper and adjust each of the 300 security settings to fit their needs. The documentation that accompanies the tool will point out any interdependencies between settings.

Microsoft offers similar tools for Windows Vista and Windows XP. Edwards said that the software developer has been approached by client management software vendors. Companies like Altiris or LANdesk would be interested in automating the security settings through their management software as well.