Security Guide
Published: November 11, 2007 Welcome to the 2007 Microsoft Office Security Guide. This guide provides prescriptive guidance for identifying risks and mitigating security threats that relate to the 2007 Microsoft® Office release. It is designed to help you make changes to the default configuration of desktop and laptop computers that run the 2007 Office release in Active Directory® environments. This guide is part of a Solution Accelerator that provides prescriptive guidance in the form of recommendations, best practices, and step-by-step procedures to help you plan for and securely deploy the 2007 Office release. It includes information about how to deploy recommended security settings for two different types of environments:
The Solution Accelerator that includes this guide also provides the GPOAccelerator, a tool you can use to deploy security settings. This tool automatically creates all the Group Policy objects (GPOs) you need to deploy the recommended security settings in your environment. A comprehensive security settings reference called Threats and Countermeasures is also included in the Solution Accelerator to help your security architects, planners, and administrators understand what each security setting does, its recommended configuration, and which threats it mitigates. These settings are also summarized in an Office Excel® workbook called Security Settings for 2007 Office Applications. Microsoft engineering teams, consultants, support engineers, partners, and customers have reviewed and approved this prescriptive guidance to make it:
Regardless of whether you're a consultant, a security specialist, or an IT professional in a midsize or large organization, this guide will provide you with the technical resources and insight that you need to develop an effective security strategy for the 2007 Office release. Guide Purpose and ScopeThe purpose of this guide is to help IT professionals accomplish the following:
Microsoft Office Applications Discussed in this GuideThe information in this guide applies only to the following applications in the 2007 Office release:
This guide does not apply to earlier versions of Microsoft Office because many of the settings and features discussed in this guide were not available previously. It was tested on Windows® XP Professional with Service Pack 2 (SP2) and on Windows Vista®. It has not been tested on Windows Server® 2003, although the recommendations in this guide might apply to computers that run the 2007 Office release on Windows Server 2003 SP1 or later. As mentioned earlier, this guide provides prescriptive security setting recommendations for two different types of environments: the EC environment, which balances security and application functionality, and the SSLF environment, which emphasizes security over application functionality. You can use the information in the companion guide, Threats and Countermeasures, to modify the recommended settings to create different configurations for other specialized environments. AudienceThe 2007 Microsoft Office Security Guide is intended primarily for IT generalists, security specialists, network architects, and other IT professionals and consultants who plan and design deployments of the 2007 Office release on both desktop and laptop computers in midsize and large organizations. The guide is not intended for home users. Specifically, this guide is for individuals whose job roles include the following:
Why Is Security Important for the 2007 Office Release?Microsoft is committed to making security a central concern in every product it releases. There are several factors that make securing desktop productivity applications, such as the 2007 Office release, particularly important. These factors include:
Information Security Risks and Defense-in-DepthGenerally, IT professionals and IT security specialists see three types of risks to information security:
To help ensure that your organization is protected from all three of these risk categories, a defense-in-depth security strategy is recommended—that is, a security strategy that includes multiple overlapping layers of defense against unauthorized users and malicious code. Layers will typically include perimeter network protection such as firewalls, physical security measures such as physically secure datacenters and server rooms, and desktop security tools such as personal firewalls, virus scanning programs, and spyware detection. If the 2007 Office release is part of your environment, your defense-in-depth strategy must also include the mitigation mechanisms that are provided with the 2007 Office release. These mitigation mechanisms include a wide range of technologies, settings, and features, such as trusted publishers, encryption, trusted locations, digital signatures, privacy settings, and security settings for Microsoft ActiveX® controls, add-ins, and Microsoft Visual Basic® for Applications (VBA) macros. Together, these technologies, settings, and features can help mitigate threats to the security of your environment. By using these mitigation mechanisms, you help protect the intellectual property, business resources, and business processes that are at the heart of your business. Infrastructure RequirementsThis guidance assumes that you have used industry-standard guidelines and best practices to develop your organization's security architecture, and that you use industry-current security technologies to protect your organization's infrastructure. It also assumes that you have accomplished the following:
If you do not meet these infrastructure requirements, the following resources are available to help you secure and upgrade your infrastructure.
Chapter SummaryThe 2007 Microsoft Office Security Guide consists of this overview and five chapters. The following figure shows how you can use this guide and other 2007 Microsoft Office Security Guide deliverables to plan and deploy security settings in your environment. As shown in Step 2 of the preceding figure, Chapters 1 through 4 in this guide will help you determine the most appropriate security settings for your environment. However, if you want to deploy the EC or SSLF settings exactly as prescribed without modification (for example, in a test environment), you can skip to Step 4 and follow the guidance in Chapter 5 and in How to Use the GPOAccelerator. You do not need to read Chapters 1 through 4 to deploy the prescribed EC or SSLF settings. Note Microsoft recommends that you carefully evaluate the EC and SSLF settings before using them in a production environment. A summary of each chapter follows. Chapter 1: 2007 Office Release This chapter provides the following information:
This chapter provides an overview of the 2007 Office release security technologies and settings that help mitigate threats to confidentiality, including:
You can use this information during the envisioning and planning phases to better understand the threats that affect confidentiality and the possible mitigations that you can implement to address such threats. This chapter provides an overview of the 2007 Office release security technologies and settings that help mitigate threats to integrity, including:
You can use this information during the envisioning and planning phases to better understand the threats that affect integrity and the possible mitigations that you can implement to address such threats. This chapter provides an overview of the 2007 Office release security technologies and settings that help mitigate threats to availability, including:
You can use this information during the envisioning and planning phases to better understand the threats that affect confidentiality and the possible mitigations that you can implement to address such threats. Chapter 5: Designing and Implementing Security Settings This chapter provides prescriptive guidance for choosing either the EC or SSLF environment settings as well as prescriptive guidance for designing an organizational unit (OU) structure. AcknowledgmentsThe SA-SC team would like to acknowledge and thank the group of people who produced the 2007 Microsoft Office Security Guide. The following individuals were either directly responsible or made a substantial contribution to the writing, development, and testing of this guide. Content Developers Bill Gruber – Microsoft Paul Henry – Wadeware LLC Paul Slater – Wadeware LLC Development Lead Ross Carter – Microsoft Editors Jennifer Kerns – Wadeware LLC Steve Wacker – Wadeware LLC Product Managers Alain Meeus – Microsoft Jim Stuart – Microsoft Eric Yaver – Volt Information Sciences Program Manager Flicka Enloe – Microsoft Release Manager Karina Larson – Microsoft Reviewers Alex Vandurme – NCIRC/NATO Brad Albrecht – Microsoft Chase Carpenter – Microsoft David Vanophalvens – NCIRC/NATO Derick Campbell – Microsoft Ed McGinn – Microsoft Eugene Siu – Microsoft Frank Simorjay – Microsoft Joshua Edwards – Microsoft Korean Government Kurt Dillard – Microsoft Mallikarjuna rao Nimmagadda – Microsoft Mark Simos – Microsoft Norman Vadnais – Independent Padgett Peterson – Lockheed Martin Raf Cox – Microsoft Tom Garity – Independent Waqas Nazir – V-Empower Inc. In addition, the United States Department of Commerce National Institute of Standards and Technology (NIST) participated in the review of this Microsoft security guide and provided comments that were incorporated into the published version. Test Manager Gaurav Singh Bora – Microsoft Testers Harish Ananthapadmaanabhan – Infosys Technologies Ltd. IndiraDevi Chandran – Infosys Technologies Ltd. RaxitKumar Gajjar – Infosys Technologies Ltd. Sumit Parikh – Infosys Technologies Ltd. |
|