Office 2007 Security Guide Now Available
I get asked all the time, "Greg, I know that I'm supposed to secure my environment, I just don't know what to secure. Can you help?"
Its a valid question. We get pushed all the time from managers on one side and vendors on another to ensure our environment has the best security possible. But knowing what we should do to lock down that environment is a challenge. Consultants everywhere will sell you ideas, but most of us would rather implment it ourselves (for free!).
To combat this, Microsoft continues its series of excellent Security Guides through the release of the Office 2007 Security Guide. This guide...
...like the others includes many of the configurations that you not only can, but should, implement to protect your Office installations from exploits. The knowledge is broken down into a set of five components that link together to tell you "the what". Much of this is implemented using Group Policy, which makes easy the central control of your security settings. The five components are described by the Microsoft web site as:
Executive Overview. This document summarizes for business and technical managers how the guidance and tools in this Solution Accelerator can benefit your organization.
Security Guide. This guide describes the security model for the 2007 Microsoft Office release as well as new security features and functionality. It includes recommended guidelines and best practices for implementing security settings for two different environments—an Enterprise Client (EC) environment, which seeks to balance functionality and security and is appropriate for most organizations, and the Specialized Security – Limited Functionality (SSLF) environment, which is only appropriate for organizations that require very strong security at the expense of application functionality. SSLF settings restrict some application features.
Threats and Countermeasures. This guide is a comprehensive technical reference that explains the security and privacy settings for the six referenced applications, their recommended configurations, and which threats they address. It also contains Common Configuration Enumeration (CCE) IDs for all the settings. CCE provides identifiers to system configurations to facilitate fast and accurate correlation of configuration data across multiple information sources and tools.
Security Settings spreadsheet. This Office Excel spreadsheet lists security settings for the six referenced applications and their recommended configurations for the EC and SSLF environments, as well as Common Configuration Enumeration (CCE) IDs for all the settings.
GPOAccelerator. This tool helps you automatically deploy security configurations for the 2007 Microsoft Office release across your organization. It can also be used to deploy security settings for Windows® XP and Windows Vista®.
If you're responsible for the security of your environment, you should read this document. Get your copy at:
http://www.microsoft.com/technet/security/guidance/clientsecurity/2007office/default.mspx
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine