Where previous versions of Microsoft Office allowed users to apply broad ranging security settings, Office 2007 introduced features that can be controlled at a granular level. The application offers 1,500 settings, 300 of which relate to security.
In previous versions of Office, administrators could enable or disable macros. Macros are considered a potential security risk, but many firms rely on them to automate tasks. Office 2007 therefore supports trusted folders, where administrators can place documents that are pre-approved to be use macros. Or they can allow macros in Excel only, or for employees in a certain group.
Administrators or security architects can also block access to certain web services. Office 2007 for instance offers an automated translation tool that relies on internet access, and therefore could be perceived as privacy risk.
"The idea is to make security approachable to everyone," Joshua Edwards, technical product manager for Microsoft Office told vnunet.com.
"It is hard to configure what you are not aware of. It's about understanding what your options are and how you can implement those together."
The Group Policy Object Accelerator offers two sets of basic settings that are based on the two sets of common security settings. The Enterprise Client settings will appeal to most businesses, while high secure operations are expected to go for the so-called Specialized Security Limited Functionality settings.
Users seeking even more granular control can dive in even deeper and adjust each of the 300 security settings to fit their needs. The documentation that accompanies the tool furthermore will point out interdependencies between settings.
Microsoft offers similar tools for Windows Vista and Windows XP. Edwards said that the software developer has been approached by client management software vendors. Companies like Altiris or LANdesk would be interested in automating the security settings through their management software as well.