Protect Your Sensitive Documents

Use passwords, encryption and common sense to keep documents private

Before computers arrived, getting your hands on important company reports and records required that you leave your desk and retrieve the papers from a locked file cabinet.

Today's digital workplace has made document access a lot simpler. An employee sitting in front of a PC—or a clever outsider—can find and view almost any company document with a few mouse clicks.

Business owners are rightly concerned. Unauthorised viewing and distribution of confidential customer data, financial records, employee information, product specifications and other sensitive documents can lead to disaster. Leaks of confidential information can result in lost revenue, compromised ability to compete, unfairness in purchasing and hiring decisions, diminished customer confidence and more. For instance, if your payroll report gets circulated, you could end up with disgruntled employees.

How do you protect sensitive documents from unauthorised viewing? Here are some strategies for keeping confidential documents confidential.

Simple Ways to Protect Documents
You can go a long way toward safeguarding documents with these simple practises and readily available technology tools:

1. Destroy hard copies. If you print out confidential documents to circulate at meetings, collect them afterwards and shred them or ask the participants to do so.

2. Label documents. Sometimes employees are unaware that documents contain confidential information and therefore don't take precautions that they otherwise might. Instruct writers to use the header or footer areas to label the document "confidential." They can also place a confidential watermark on a document. In Word 2003, select Background from the Format menu and then select Printed Watermark. Select Text watermark in the dialog box and choose CONFIDENTIAL from the drop-down list.

3. Use password protection. You can restrict who can view a document by requiring that anyone opening the document know and enter a password you create and share with them. Documents, spreadsheets and presentations created with Microsoft Office 2003 all make this feature available. Simply open the file, select Options from the Tools menu, and click the Security tab. You can set passwords to both open and modify a document. While hackers have tools to discover passwords, passwords generally make it harder to view documents.

4. Install a firewall. There are numerous good reasons to install a firewall—and protecting important documents is definitely one of them. Firewalls can keep Internet intruders from accessing your computer files and viewing information. Windows XP Professional includes a software firewall that's easy to set up.

5. Lock the doors. To prevent someone from walking into your office and carrying away your computers—and the documents located on the hard drive—don't leave computer areas unattended and make sure your office doors remain locked after business hours. If you have a server, keep it in a special area that is locked at all times.

Advanced Document Protection
More sophisticated solutions for protecting sensitive documents may mean you need to bring in a technology consultant. But if document security is a top priority you will want to look closely at these strategies.

1. Encrypt your document files
Encryption can protect documents in the event a business computer is stolen—which is a very real liability for those traveling with laptops and other portable PCs. Encryption makes data unreadable except to those users who have the required "key" installed on their computer.

Windows XP Professional comes with the Encryption File System (EFS), which enables you to encrypt individual files as well as the contents of an entire folder. With ESF, only the user who encrypts a document file can open the file and work with it. However, built-in data recovery support lets you recover data encrypted by an employee after the employee leaves or if file encryption keys are lost.

While encryption sounds highly technical, you may not need an outside consultant to show you how to use it. The default configuration of EFS allows users to start encrypting files with very little effort and creates all the keys you need to have. See the article Protecting Data by Using EFS to Encrypt Hard Drives that is linked below to begin using EFS.

2. Assign file permissions
If your business uses a server, you can restrict who can view or change a document by assigning permissions. Permissions basically grant or deny access to a document (or any computer resource) as determined by the owner.

Access rights and privileges can be applied to individual as well as groups of users. Common permissions allow a user to view or "read" a file or all the files in a folder and to change or "write" to a file or all files in a folder. Windows Small Businesses Server 2003 and other Windows server systems enable you to use permissions through the "access control list."

3. Use Information Rights Management
For a document protection system that integrates directly with Microsoft Office Professional 2003 versions of Word, Excel, PowerPoint and Outlook, consider the Information Rights Management (IRM) technology developed by Microsoft.

With IRM, you can set file permissions at different levels and change the level for specific users and groups of users. You can also

IRM also gives you control over e-mail messages and attachments even after they are sent. It can prevent e-mail messages from being copied, forwarded or printed.

IRM requires that you have a company server running Windows Server 2003.

As with most things, caution and common sense can provide a large measure of protection for sensitive documents. Yet the more your business has to lose by having reports, statements and other confidential documents exposed, the more you'll want to invest in your document protection solution. And, in these digital days, that doesn't mean adding another lock to the file cabinet.