Security Basics mailing list archives
Information Rights Management
From: "Philip Wagenaar" <p.wagenaar () accon nl>
Date: Mon, 09 Aug 2004 11:27:30 +0200
Hi, Rrecently we (our company) asked ourselves the question what if clients modify a document we send them (in ie. Word format) and change figured and numbers (ie. made more profit) and resend that document to another part (ie. an investor)? First of all, most topis on this list are very technical, but what is the use of a highly secure network if these weaknesses still exist? Microsoft Office 2003 uses Information Rights Management to protect office files from being altered and as I understand can also sign them digitally. If a client doesn't have Office 2003 they can use a browser plug-in from Microsoft to still view the document. This is as far as I know the only product for office enviroments that has protection against altering. (By the way, IRM is much more secure then the standard-passwords protection for office files). I looked at other solutions, like Pretty Good Privacy, but they are a hassle to work with. Maybe not for us, but for home users it is. Does anyone have experience with making sure that information (ie. office files) that leave the corporate network from being abused? I also came along a tool from Microsoft that removes all the extra information from Office files (ie. author, who viewed it, who edited it, etc, etc). Does anyone also know of a product that does this automaticly and intergrated with E-Mail clients? Met vriendelijke groet, Philip Wagenaar Junior Projectleider ICT AccoN Accountants & Adviseurs ICT Project Bureau Postbus 5090 6802 EB Arnhem The Netherlands tel. +31 (0)26-3842384 fax. +31 (0)26-3630222 mobile: +31 (0)6-25388935 MSN/E-mail: p.wagenaar () accon nl Yahoo: philip_wagenaar http://www.accon.nl ################################################################## Dit e-mailbericht is uitsluitend bestemd voor de geadresseerde. De informatie hierin is vertrouwelijk, zodat het derden niet is toegestaan om daarvan kennis te nemen of dit te verstrekken aan andere derden. Indien u dit e-mail bericht ontvangt terwijl het niet voor u bestemd is, verzoeken wij u contact op te nemen met de afzender en de informatie te verwijderen van iedere computer. Bij voorbaat dank. ================================================================== The information transmitted in this e-mail is intended only for the person or entity to which it is addressed and contains confidential information. Any review, retransmission or other use by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. Thank you. ################################################################## ##################################################################################### This e-mail message has been scanned for Viruses and Content and cleared by MailMarshal ##################################################################################### --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Information Rights Management Philip Wagenaar (Aug 09)
- Re: Information Rights Management The Janitor (Aug 09)
- RE: Information Rights Management Wilfred Smith (Aug 10)
- Re: Information Rights Management steve (Aug 10)
- <Possible follow-ups>
- Re: Information Rights Management nee cee (Aug 10)
- Re: Information Rights Management The Janitor (Aug 09)