Protect Your Sensitive Documents
Use passwords, encryption and common sense to keep documents private
Before computers arrived, getting your hands on important company reports and records required that you leave your desk and retrieve the papers from a locked file cabinet.
Today's digital workplace has made document access a lot simpler. An employee sitting in front of a PC—or a clever outsider—can find and view almost any company document with a few mouse clicks.
Business owners are rightly concerned. Unauthorised viewing and distribution of confidential customer data, financial records, employee information, product specifications and other sensitive documents can lead to disaster. Leaks of confidential information can result in lost revenue, compromised ability to compete, unfairness in purchasing and hiring decisions, diminished customer confidence and more. For instance, if your payroll report gets circulated, you could end up with disgruntled employees.
How do you protect sensitive documents from unauthorised viewing? Here are some strategies for keeping confidential documents confidential.
Simple Ways to Protect Documents
1. Destroy hard copies. If you print out confidential documents to circulate at meetings, collect them afterwards and shred them or ask the participants to do so.
2. Label documents. Sometimes employees are unaware that documents contain confidential information and therefore don't take precautions that they otherwise might. Instruct writers to use the header or footer areas to label the document "confidential." They can also place a confidential watermark on a document. In Word 2003, select Background from the Format menu and then select Printed Watermark. Select Text watermark in the dialog box and choose CONFIDENTIAL from the drop-down list.
3. Use password protection. You can restrict who can view a document by requiring that anyone opening the document know and enter a password you create and share with them. Documents, spreadsheets and presentations created with Microsoft Office 2003 all make this feature available. Simply open the file, select Options from the Tools menu, and click the Security tab. You can set passwords to both open and modify a document. While hackers have tools to discover passwords, passwords generally make it harder to view documents.
4. Install a firewall. There are numerous good reasons to install a firewall—and protecting important documents is definitely one of them. Firewalls can keep Internet intruders from accessing your computer files and viewing information. Windows XP Professional includes a software firewall that's easy to set up.
5. Lock the doors. To prevent someone from walking into your office and carrying away your computers—and the documents located on the hard drive—don't leave computer areas unattended and make sure your office doors remain locked after business hours. If you have a server, keep it in a special area that is locked at all times.
Advanced Document Protection
1. Encrypt your document files
Windows XP Professional comes with the Encryption File System (EFS), which enables you to encrypt individual files as well as the contents of an entire folder. With ESF, only the user who encrypts a document file can open the file and work with it. However, built-in data recovery support lets you recover data encrypted by an employee after the employee leaves or if file encryption keys are lost.
While encryption sounds highly technical, you may not need an outside consultant to show you how to use it. The default configuration of EFS allows users to start encrypting files with very little effort and creates all the keys you need to have. See the article Protecting Data by Using EFS to Encrypt Hard Drives that is linked below to begin using EFS.
2. Assign file permissions
Access rights and privileges can be applied to individual as well as groups of users. Common permissions allow a user to view or "read" a file or all the files in a folder and to change or "write" to a file or all files in a folder. Windows Small Businesses Server 2003 and other Windows server systems enable you to use permissions through the "access control list."
3. Use Information Rights Management
With IRM, you can set file permissions at different levels and change the level for specific users and groups of users. You can also
IRM also gives you control over e-mail messages and attachments even after they are sent. It can prevent e-mail messages from being copied, forwarded or printed.
IRM requires that you have a company server running Windows Server 2003.
As with most things, caution and common sense can provide a large measure of protection for sensitive documents. Yet the more your business has to lose by having reports, statements and other confidential documents exposed, the more you'll want to invest in your document protection solution. And, in these digital days, that doesn't mean adding another lock to the file cabinet.