Export (0) Print
Expand All

Configure privacy options in the 2007 Office system

Office 2007

Updated: February 12, 2009

Applies To: Office Resource Kit

 

Topic Last Modified: 2010-03-25

You can configure privacy options by using the Office Customization Tool (OCT) and the Group Policy Object Editor.

The recommended guidelines in the following sections are based on the Enterprise Client (EC) environment rather than the Specialized Security Limited Functionality (SSLF) environment. The EC environment represents an organization that has typical security needs. It is suitable for midsize and large organizations that seek to balance security and functionality. The SSLF environment represents a less typical organization, one in which security is paramount. It is suitable only for midsize and large organizations that have stringent security standards, for which security is more important than application functionality.

For a list of all configurations, see the 2007 Microsoft Office Security Guide (Threats and Countermeasures: Security Settings in the 2007 Office System) (http://go.microsoft.com/fwlink/?LinkID=113957).

Before you begin configuring settings, be sure you meet the planning requirements, administrative requirements, and tool requirements that are described in this section.

  • Planning requirements   You must complete the following steps in the security planning process before you can effectively configure privacy options:

    Choose a deployment tool for security settings and privacy options in the 2007 Office system

    Evaluate default security settings and privacy options for the 2007 Office system

    Plan privacy options in the 2007 Office system

  • Administrative requirements   The following table lists the administrative credentials that are required to perform settings configuration actions.

     

    To perform these actions You must be a member of these groups

    Run the OCT

    Administrators group on the local computer

    Configure local Group Policy settings with the Group Policy Object Editor

    Administrators group on the local computer

    Configure domain-based Group Policy settings with the Group Policy Object Editor

    Domain Admins, Enterprise Admins, or Group Policy Creator Owners

  • Tool requirements   It is assumed that you:

    • Understand how to use the OCT to customize the 2007 Microsoft Office system. For more information about the OCT, see Office Customization Tool in the 2007 Office system.

    • Have created a network installation point from which you can run the OCT.

    • Understand what Administrative Templates (that is, .adm files) are.

    • Have loaded the Office 2007 Administrative Templates into the Group Policy Object Editor.

The following procedures show how to use the OCT to maximize the protection of private and personal information.

Maximize the protection of metadata in Office Open XML Formats files
  1. In the left pane of the OCT, under Features, click Modify user settings.

  2. In the tree view of the OCT, open Microsoft Office 2007 system, and click Security Settings.

  3. In the details pane, double-click Protect document metadata for rights managed Office Open XML Files, click Enabled, and click OK.

  4. In the details pane, double-click Protect document metadata for password protected files, click Enabled, and click OK.

Maximize the protection of private and personal information in the Office 2007 release
  1. In the left pane of the OCT, under Features, click Modify user settings.

  2. In the tree view of the OCT, open Microsoft Office 2007 system, open Privacy, and click Trust Center.

  3. In the details pane, double-click Enable Customer Experience Improvement Program, click Disabled, and click OK.

  4. In the details pane, double-click Automatically receive small updates to improve reliability, click Disabled, and click OK.

  5. In the tree view of the OCT, open Microsoft Office 2007 system, open Tools|Options|General|Services Options, and click Online Content.

  6. In the details pane, double-click Online content options, click Enabled, and in Online content options, click Never show online content or entry points.

  7. Click OK.

Maximize the protection of private and personal information in Office Word 2007 documents
  1. In the left pane of the OCT, under Features, click Modify user settings.

  2. In the tree view of the OCT, open Microsoft Office Word 2007, open Word Options, and click Security.

  3. In the details pane, double-click Warn before printing, saving, or sending a file that contains tracked changes or comments, click Enabled, and click OK.

  4. In the details pane, double-click Make hidden markup visible, click Enabled, and click OK.

  5. In the details pane, double-click Store random number to improve merge accuracy, click Enabled, and click OK.

Maximize the protection of private and personal information in Office PowerPoint 2007 documents
  1. In the left pane of the OCT, under Features, click Modify user settings.

  2. In the tree view of the OCT, open Microsoft Office PowerPoint 2007, open PowerPoint Options, and click Security.

  3. In the details pane, double-click Make hidden markup visible, click Enabled, and click OK.

The following procedure shows how to use the OCT to suppress the first-run Privacy Options dialog box.

Suppress the first-run Privacy Options dialog box
  1. In the left pane of the OCT, under Features, click Modify user settings.

  2. In the tree view of the OCT, open Microsoft Office 2007 system, open Privacy, and click Trust Center.

  3. In the details pane, double-click Enable Customer Experience Improvement Program, click Enabled, and click OK.

  4. In the details pane, double-click Automatically receive small updates to improve reliability, click Enabled, and click OK.

  5. In the tree view of the OCT, open Microsoft Office 2007 system, open Tools|Options|General|Services Options, and click Online Content.

  6. In the details pane, double-click Online content options, click Enabled, and in Online content options, click Search online content whenever available.

  7. Click OK.

You can deploy privacy options by using the Setup program or by using the Windows Installer program. For more information, see Run Setup for the 2007 Office system on users' computers and Change users' configurations after installing the 2007 Office system..

The following procedures show how to use the Group Policy Object Editor to maximize the protection of private and personal information.

Maximize the protection of metadata in Office Open XML Formats files
  1. In the Group Policy Object Editor tree, navigate to the following:

    User Configuration/Administrative Templates/Microsoft Office 2007 system/Security Settings

  2. In the details pane, double-click Protect document metadata for rights managed Office Open XML Files, click Enabled, and click OK.

  3. In the details pane, double-click Protect document metadata for password protected files, click Enabled, and click OK.

Maximize the protection of private and personal information in the Office 2007 release
  1. In the Group Policy Object Editor tree, navigate to the following:

    User Configuration/Administrative Templates/Microsoft Office 2007 system/Privacy/Trust Center

  2. In the details pane, double-click Enable Customer Experience Improvement Program, click Disabled, and click OK.

  3. In the details pane, double-click Automatically receive small updates to improve reliability, click Disabled, and click OK.

  4. In the Group Policy Object Editor tree, navigate to the following:

    User Configuration/Administrative Templates/Microsoft Office 2007 system/Tools|Options|General|Services Options/Online Content

  5. In the details pane, double-click Online content options, click Enabled, and in Online content options, click Never show online content or entry points.

  6. Click OK.

Maximize the protection of private and personal information in Office Word 2007 documents
  1. In the Group Policy Object Editor tree, navigate to the following:

    User Configuration/Administrative Templates/Microsoft Office Word 2007/Word Options/Security

  2. In the details pane, double-click Warn before printing, saving, or sending a file that contains tracked changes or comments, click Enabled, and click OK.

  3. In the details pane, double-click Make hidden markup visible, click Enabled, and click OK.

  4. In the details pane, double-click Store random number to improve merge accuracy, click Enabled, and click OK.

Maximize the protection of private and personal information in Office PowerPoint 2007 documents
  1. In the Group Policy Object Editor tree, navigate to the following:

    User Configuration/Administrative Templates/Microsoft Office PowerPoint 2007/PowerPoint Options/Security

  2. In the details pane, double-click Make hidden markup visible, click Enabled, and click OK.

The following procedures show how to use the Group Policy Object Editor to suppress the first-run Privacy Options dialog box and the first-run Sign up for Microsoft Update dialog box.

Suppress the first-run Privacy Options dialog box
  1. In the Group Policy Object Editor tree, navigate to the following:

    User Configuration/Administrative Templates/Microsoft Office 2007 system/Privacy/Trust Center

  2. In the details pane, double-click Enable Customer Experience Improvement Program, click Enabled, and click OK.

  3. In the details pane, double-click Automatically receive small updates to improve reliability, click Enabled, and click OK.

  4. Navigate to the following:

    User Configuration/Administrative Templates/Microsoft Office 2007 system/Tools|Options|General|Service Options/Online Content

  5. In the details pane, double-click Online content options, click Enabled, and in Online content options, click Search online content whenever available.

  6. Click OK.

Suppress the first-run Sign up for Microsoft Update dialog box
  1. In the Group Policy Object Editor tree, navigate to any of the following settings:

    Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings/Turn off access to all Windows update features

    User Configuration/Administrative Templates/Windows Components/Windows Update/Remove access to use all Windows Update features

    User Configuration/Administrative Templates/Start Menu and Taskbar/Remove links and access to Windows Update

  2. In the details pane, double-click the setting to which you navigated.

  3. Click Enabled, and then click OK.

This topic is included in the following downloadable book for easier reading and printing:

See the full list of available books at Downloadable content for the 2007 Office Resource Kit .

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft