Given all the complexity in any given enterprise network, I still believe that if you want to protect sensitive files, then start doing so at a higher level. The cycle of hacking and breaches will continue. For now, though, I suspect that we'll continue down the business-as-usual path of putting weak passwords on documents and continuing to store them on unsecured workstations. For example, its file password key escrow and digital signature capabilities look like solid, enterprise-grade solutions. It does appear that Microsoft has made good strides in providing security controls for Office 2013.
Microsoft Office 365: One size doesn't fit all IT shopsĬonsider these third-party Windows desktop management tools Office Web Apps becoming more like desktop apps Microsoft to release Office 2013 early, but does IT care? All it takes is an unencrypted laptop or physically unsecured desktop to create a data-breach scenario. For example, a human resources manager's unencrypted laptop housing sensitive Word documents with password "protection" creates the prime opportunity to demonstrate that business information is at risk. Cracking sensitive Office files can certainly help build the case that better security is needed at the desktop. These tools can be used in another positive way - for security testing. Either way, these are the perfect scenarios for using password-cracking tools such as these from Elcomsoft.
The original person who sent it is not available or can't remember the password, and you need to move forward. Someone sends us a Word document or Excel spreadsheet that they're expecting us to open and edit, but one of those pesky (and often inadvertent) passwords is getting in the way. There's certainly an upside to password flaws in Microsoft Office. In many cases, your organization may be held liable by breach-notification laws if you cannot prove that sensitive information was adequately protected. Regardless, it's like the unencrypted laptop that gets lost or stolen - you'll never really know if the data is safe.
OK, not everyone who comes across a password-protected Office 2013 file is going to have the means to crack it immediately. In other words, if an executive or someone in marketing or legal is touting how they're doing their part to protect sensitive information by adding passwords to their Office 2013 files, it's merely for show. Advanced Office Password Recovery is shown in Figure 1. Passwords in business applications such as Access, Excel, PowerPoint, Project and Word are all fair game. Using Elcomsoft's Advanced Office Password Recovery to crack a password-protected Office 2013 Word document.
0 kommentar(er)
