Understanding security threats
Office for Mac 2011 will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see these resources.
Applies to: Office for Mac 2011
Topic Last Modified: 2012-06-08
To establish a secure computing environment, you must make sure that your applications and data are not vulnerable to malicious attacks. By using the security options in Office for Mac 2011, you can establish a security-enhanced environment by limiting the possible avenues of attack.
This guide presents many different methods to help you limit direct attacks on data from external and internal sources. An important part of implementing these methods is training users about how to protect themselves and the company from attack. Such training can build user awareness of security issues, and establish ownership of the data that users want to protect. For example, you can educate your users to distinguish between low-risk files and high-risk files. Low-risk files can be internal documents that may not contain malicious content, such as documents from colleagues or business partners. High-risk files are documents from unknown people or documents that pass through an unsecured Internet connection. It is important that users know how to evaluate risks and mitigate potential security threats. Users should treat low-risk and high-risk files differently.
Warning
There are no administrative settings that allow you to enforce security preferences that you specify. Even if you set and deploy security preferences, users can change these preferences at a later time. Therefore, if you are deploying security settings as part of your organization's policy, you must educate your users about the risks associated with changing default settings. Without proper training, users can expose an organization to unauthorized or malicious use of its data. Establishing a corporate policy for how files are distributed and handled helps mitigate security vulnerabilities caused by untrained users.
Before you plan and implement a security-enhanced environment, it is important to understand the types of potential security threats in today’s computing environment. The rest of the Security in Office for Mac 2011 section addresses how to plan for a secure computing environment and how you can configure the security options in Office 2011 to help address security concerns.
Privacy threats
Many documents contain metadata that should be protected, including text marked as "hidden", author name, and tracked changes. This metadata is useful because it enables users to track document property data. However, in some cases users might not want to expose the metadata when the document is distributed. By exposing the metadata, users become vulnerable to privacy threats. Privacy threats include any threat agent that discloses or reveals personal or private information without the user’s consent or knowledge. Word 2011, Excel 2011, and PowerPoint 2011 allow users to strip out sensitive metadata when the file is saved. With Outlook for Mac 2011, you can use Internet-standard S/MIME security extensions. S/MIME allows users to digitally sign and encrypt e-mail messages and attachments to help protect them against tampering or eavesdropping.
For more information about planning and configuring security options that mitigate privacy threats, see the following topics:
Document threats
If your organization allows users to send and receive documents over the Internet, or if you believe there are potential risks to users' documents from any unauthorized source, you should take the necessary precautions against document threats. When intruders or attackers gain access to proprietary information, it might result in the loss of confidentiality or document data. Users can mitigate document threats if they use the password protection feature to encrypt documents in Excel 2011 and Word 2011.
Note
There are no administrative settings that enable you to force users to encrypt documents.
For more information about configuring document protection settings that mitigate document threats, see Configure document protection settings in Office for Mac 2011.
Code threats
If you connect to the Internet or allow others to use your computer, it is important that you take the necessary steps to protect your system from harm, including attacks from malicious software. Code and application threats pose a potential risk if your organization allows users to:
Run macros or add-ins.
Receive e-mail attachments.
Share documents across a public network, such as the Internet.
Open documents from sources outside your organization, such as clients, vendors, or partners.
Excel 2011, Word 2011, and Outlook for Mac 2011 allow the use of strong encryption to help protect the contents of documents so that they're unreadable by unauthorized people.
For information about configuring security settings for macros, see Configure security settings for macros in Excel for Mac 2011.