Results 1 to 8 of 8
  1. #1
    New Lounger
    Join Date
    Jan 2001
    Location
    Essex, UK, England
    Posts
    21
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Word 97 Security Question (MS Word 97 SP2)

    One of my users wants to spend a lot of money buying 70-odd users copies of Adobe Acrobat because she doesn't like the security features in MS Word.

    Our HR department make a series of Job offer letters, pension revision letters, disciplinary letters etc. etc. using templates we've created in Word. The contents of the documents are obviously confidential and legally binding. The documents are saved with the Read-Only attribute set, but she's concerned that people can still amend a letter after sending, save it as another filename, delete the original and rename the copy to take it's place. This is the reason why she feels she needs to buy everyone a copy of Adobe Acrobat, (I haven't the heart to explain to her that this scenario is equally valid for Acrobat, but that's another story).

    There's an option in Lotus Notes called "prevent copying" which, when checked, means the recipient of an email message so configured can't print or forward or reply-with-history. The effective result of this is that the received document is "for eyes only". I don't want to go this far with our Word documents but would like a partial solution which would prevent the Save As... function working on a document by document basis.

    Is this feasible? I know it's possible to remove the menu item altogether, but this would affect all documents and there are some for which "Save As..." is a perfectly acceptable action.

    I can't help feeling I've overlooked something glaringly obvious in trying to work out a solution for this and that, when one of you eminent loungers suggest one, I'll kick myself for not thinking of it myself.

    Any ideas...?

  2. #2
    Bronze Lounger
    Join Date
    Feb 2001
    Location
    England
    Posts
    1,306
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Word 97 Security Question (MS Word 97 SP2)

    Encrypt your original documents, and supply the decryption password to your employees on a need-to know basis. The encryption need not be anything fierce, and there are freeware programs that will do it. No-one unauthorised can then replace the originals, though they would still be able to do much of the other stuff you mention. If you have the unaltered originals, you'd be fairly sure of your ground if someone challenged their content.

    I believe there is software which can make a folder look like a safe. Only those with the key can get into it : a more graphical working of the same idea.

    Rgds

  3. #3
    KTYorke
    Guest

    Re: Word 97 Security Question (MS Word 97 SP2)

    Steve
    I agree your co-worker to an extent...

    PDFing a document would be a nice work around for documents that you don't want people to change or save as or anything. There are options to password protect different features within the PDF file itself that would make it doubly difficult to mess with. However, I agree with you that if someone wants it bad enough, it can be un-done. Anything can... I believe the saying goes, "Locks are made for honest people..."

    If the price of all those Adobe versions is making you worry, depending on how often these documents are sent out, I would maybe consider buying two or three versions instead of one for everyone. Maybe have a common machine that people can go to to PDF their documents. (we have that. Since 8 of us, with at least 4 projects each at any given time, are never done with a project at one time, there has never been a time where we were fighting over who got to use Adobe or any of the other programs limited to that machine only.)

    The only way I see that would provide your co-worker's total sense of security and confidentiality is to print it out herself, (why send it electronically in the first place? See saying above.) sign it where appropriate and FedEx it same business day...

    hope that helps...
    have fun

  4. #4
    Super Moderator
    Join Date
    Dec 2000
    Location
    New York, NY
    Posts
    2,970
    Thanks
    3
    Thanked 29 Times in 27 Posts

    Re: Word 97 Security Question (MS Word 97 SP2)

    Steve,

    Just following on KT's suggestion that only hard copies be sent to recipients: presumably it's already the case that these sorts of sensitive documents are only being delivered to the recipients in hard copy? If not, then the problem is solved by only delivering hard copies.

    If 'hard-copy delivery only' is already the case, then who are the people who may be pursuing devious practices with the originals? - presumably not anyone outside HR ('cause no one but HR (and maybe network admin) can gain access to HR's directories, right?).

    If the problem is that individuals within HR are suspected of these practices, then maybe a software solution isn't really what's needed.

    Gary

  5. #5
    Platinum Lounger
    Join Date
    Feb 2001
    Location
    Yilgarn region of Toronto, Ontario
    Posts
    5,453
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Word 97 Security Question (MS Word 97 SP2)

    I agree with merc, KTYorke and Gary, and add the following:

    > (I) would like a partial solution which would prevent the Save As... function working on a document by document basis.


    Over in the VBA forum there are snippets of code that replace menu commands. It's easy to substitute your own "Save As" for the regular Word command. Within your SaveAs you could have password checking, or test the workstation identifier or whatever.

    In the same VBA forum there are snippets of code that show you how to store a macro in a DOCument, rather than in a template, so you could have these preferential documents carrying their own SaveAs command, inhibiting general users from ever saving copies of them.


    Unless, as has been pointed out, you have malicious experts within your company, in which case you have a different problem.

  6. #6
    BAM
    Guest

    Re: Word 97 Security Question (MS Word 97 SP2)

    Hi Steve,

    Yes, the Lotus Notes feature is pretty cool, however one can always take a screen shot of the message or use a PasteLink and allow the recipient read access to their folder if they really want to share the message with someone else without retyping it.

    So just about everything can be circumvented.

    The main problem(s) I see with using VBA to disable Save As is the macros can be easily disabled and one doesn't have to know a lot about Word to do this.

    In Word 97, if the virus protection is enabled under Tools/Options/General, the user gets the "This document contains macros" message and can easily disable the macros.

    In Word 2000, if the security setting is set to High, the macros will not run at all.

    And then for those that are more advanced and know what they are doing, they can create a new file and use Insert/File to insert the contents of document. An then there are the methods you already mentioned, the physical file itself. Or if the read only attribute has been set in Windows, one can just remove the attribute.

    If the integrity of the documents needs to be kept then it sounds like hard copies, PDF, or electronically signing the documents with something like Verisign, is the way to go.
    ~~~~~~~~~~~
    Cheers! <img src=/S/smile.gif border=0 alt=smile width=15 height=15>

  7. #7
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    Cairns, Queensland, Australia
    Posts
    885
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Word 97 Security Question (MS Word 97 SP2)

    Just to add to the general theme. Our Group Director of HR, with strong connections industry wide also when down this road.

    He finally concluded that, as above, the safest method is the paper-based version, counter signed by the recipient if you really want to be pedantic.
    Granville

  8. #8
    Silver Lounger Charles Kenyon's Avatar
    Join Date
    Jan 2001
    Location
    Sun Prairie, Wisconsin, Wisconsin, USA
    Posts
    2,049
    Thanks
    124
    Thanked 119 Times in 116 Posts

    Re: Word 97 Security Question (MS Word 97 SP2)

    It looks as if you are working on two parallel problems here: Alteration of the document by the recipient and alteration by the sender.

    I vote for paper-only for the recipient (who could still mess with things - counterfeiting is an old trade). For the sender - to protect record in case of litigation and assure that it will be believed - ? - encryption is good as is the old method of mailing a copy to yourself and keeping the envelope sealed.

    Counter-signed copies also a good idea. Again, counterfeiting and forgery are not new ideas and can be made much easier with digital technology.
    Charles Kyle Kenyon
    Madison, Wisconsin

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •