Microsoft Office 2007 Security Guide
Welcome to the 2007 Microsoft Office Security Guide . This guide provides prescriptive guidance for identifying risks and mitigating security threats that relate to the 2007 Microsoft® Office release. It is designed to help you make changes to the default configuration of desktop and laptop computers that run the 2007 Office release in Active Directory® environments.
This guide is part of a Solution Accelerator that provides prescriptive guidance in the form of recommendations, best practices, and step-by-step procedures to help you plan for and securely deploy the 2007 Office release. It includes information about how to deploy recommended security settings for two different types of environments:
· The recommended settings for Enterprise Client (EC) environments are for organizations that seek to balance security and functionality. Typical security-conscious enterprises, government departments, and other organizations should start with the EC recommendations and customize them to meet their individual circumstances and requirements.
· The recommended settings for Specialized Security - Limited Functionality (SSLF) environments are for organizations with very stringent security standards, and for which security is more important than application functionality. These settings are designed for organizations and departments with national security responsibilities or that handle highly classified information. You may choose to apply the SSLF settings to a subset of the computers in your organization, or balance the EC and SSLF recommendations to fit your needs.
The Solution Accelerator that includes this guide also provides the GPOAccelerator , a tool you can use to deploy security settings. This tool automatically creates all the Group Policy objects (GPOs) you need to deploy the recommended security settings in your environment. A comprehensive security settings reference called Threats and Countermeasures is also included in the Solution Accelerator to help your security architects, planners, and administrators understand what each security setting does, its recommended configuration, and which threats it mitigates. These settings are also summarized in an Office Excel® workbook called Security Settings for 2007 Office Applications.
