How to protect your MS Office documents
Work And Study Technologies / / December 19, 2019
If you are using Microsoft Office 2007 and concerned about the safety of your documents, it is necessary to remember that in this package, as well as the operating system is already integrated a variety of technologies to help securely protect documents from unauthorized access, interception during transmission, can restrict access to the documents for different users. It is unlikely that the majority of users uses something more, rather than setting a password for the document, in that I remind you of all kinds of protection.
Document encryption Microsoft Office 2007 forces
Actually, the most popular method of protection enjoyed by all - to set a password. The file can not be read if you do not know your password. Now there are many programs-lomalok that are made for the opening of the password, not all and not always are effective, but the possibility is not ruled out hacking.
Digital signature
Digital signature - it is about the same as a conventional signature notarized. Only the signature is not notarized, and given special organization - the Certification Center.
Certificate Authority (CA). Commercial organization, issues digital certificates to keep track of whom they have been assigned, signing certificates to verify their authenticity and tracking the expiration of the issued certificates and their recall.
A digital signature can be added to the document as a visible and non-visible (surprise!). Yes, to get it, you need to contact the third-party organization, but it is the only legitimate way to consolidate the authorship of the document and protect from theft and modifications. It should be remembered that the digital signatures that are inserted in Microsoft Office 2007 document, do not have backward compatibility in the documents for the programs of previous versions.
After installing the digital signature it becomes read-only. In Microsoft Office 2007 includes the ability to collect more signatures to the same document, for example, to sign statements the issuance of salary you can set the signature requirement of the chief accountant, head of the company and head of the department. Very interesting and promising protection is not extended to the territory of ex-USSR, more information about which can be obtained here: http://office.microsoft.com/ru-ru/excel/HA100997681049.aspx.
Now let's move from the technology built into the office, to the technologies available in Windows XP and above.
Information Rights Management
IRM - a service management of rights of access to data, designed for Microsoft Office applications associated with the service Rights Management Services - Rights Management Services. Windows RMS Service provides pass-through protection and control over who has the ability to read, print, edit, send, or copy documents.
IRM - it is information protection technology (not network security technology), which allows you to share documents and send them in messages e-mail, while providing complete control over the access to this information, determining who can view or alter it change. Once a document or e-mail message is protected with this technology, the specified rights to access and use will be constantly act no matter where in the future, this information will be used (even if the information is used outside the network organization). Since the IRM-protection is inseparably linked with the protected file, the restrictions on the use will always act.
For more information about IRM features can be on the site developers: http://www.microsoft.com/rus/technet/articles/office/4134.mspx.
IPSec
IPSec - Internet Protocol Security, encryption method, which is used during network data transfer. The technology allows you to encrypt data only during the actual transmission, the protection ends at the moment when the information reaches the destination. Details and specifications - from the developers: http://technet.microsoft.com/ru-ru/library/cc757613.aspx.
Along with the technology to encrypt data during transmission, there is also a local data encryption.
Encrypting File System
EFS allows you to encrypt files and folders within a single operating system by restricting access to the files to certain users. But it has drawbacks - before you send over the network file system decrypts it. The system is available in the server business cases, does not exist in versions for home users (for example, in Windows XP Home Edition it is not). More information about the system works can be found here: http://ru.wikipedia.org/wiki/Encrypting_File_System.
And another technology that allows you to encrypt data locally, introduced in Windows Vista - BitLocker. It allows you to encrypt the system drive completely, thus protecting the content with otatak off, which are designed to receive data, bypassing the operating system.
BitLocker uses AES algorithm with 128-bit key. For greater reliability, the key length may be increased to 256 bits using a Group Policy through the provider or Windows Management Instrumentation (WMI) for BitLocker.
Very good and the system is described in detail here: http://www.securitylab.ru/analytics/296866.php.
I hope that this post will enhance your look at ways to save documents. By the way, you do not know how (where, from whom) can be digitally signed and Ukraine in Russia?