www.microsoft.com/office/ 2
Benefits of Document Encryption
Organizations of all kinds need to protect information stored in 2007 Microsoft Office
documents. Word documents, Excel spreadsheets and PowerPoint presentations can all
contain information that needs to remain private, with access provided only to authorized
persons inside or outside the organization. In some instances, inappropriate release of
information contained in files could lead to theft of trade secrets, exposure of confidential
customer information, or loss of significant amounts of money and brand equity.
Companies in regulated industries could even face legal action if sensitive information is
inadvertently disclosed. Therefore, protecting information and intellectual property should
be a high priority for any company.
Recognizing the importance of protecting the information in Microsoft 2007 Office system
files, Microsoft provides a number of security technologies that can protect that
information. Examples of these technologies include:
Internet Protocol Security (IPSec) network encryption IPSec is the preferred
method used to encrypt information while it is in transit over the network. Once the
information reaches the destination, IPSec no longer protects the information.
Rights Management Services (RMS) and Information Rights Management
(IRM) Windows Rights Management Services enables end-to-end protection and
control over who can read, print, change, forward or copy a document. Information
Rights Management extends RMS to Microsoft 2007 Office system applications. Rights
Management Services depends on a supporting infrastructure that includes Certificate
Services (PKI), Windows Rights Management Services server(s), Internet Information
Services, Microsoft Active Directory and SQL Server, along with RMS client software
and RMS-enabled applications.
Encrypting File System (EFS) EFS is a feature of the NTFS file system that
enables users to encrypt files and folders while they’re stored on disk. This protects
the documents from other users when machines are shared. However, when these
documents are sent over the network, such as over e-mail or during file copy