Productivity Portfolio

The reason we've included multiple methods for removing data is people have different document security needs. Some organizations need to secure data for legal or regulatory needs. Other companies may only be concerned about protecting files they post online. Another group might focus on files sent as email attachments. If you have any doubts about the need for removing this data, you might want to review Richard M. Smith's analysis of Tony Blair's Iraq Dossier.

Regardless of which group you fit into, you most likely want to protect files you're ready to publish and distribute. If you're still editing a document in house, you may not need to act yet. The major risk occurs when you share the document outside your organization.

Changing your Microsoft Word Options

If your security needs are simple, one way to limit privacy data is to change your program settings.

1. From the Tools menu, select Options

2. Click the Security tab.

3. Under the Privacy options section, check Remove personal information from file properties on save.

4. In the same section check Warn before printing, saving or sending a file that contains tracked changes or comments.

5. Click OK.

The first privacy option removes the information you see when you select Properties from the File menu. Some of this information is gathered from the program installation such as Author. Other items such as Title are pulled from your first sentence in the document.

The second option will not remove tracked changes or comments. Instead, it simply informs you that tracked changes are present. Its up to you to act on the changes by accepting them or deleting them. You might think of this as a tickler item.

Depending on the document, you might want one copy with the tracked changes and a clean one for distribution.

I'm guessing that some people will jump to step 5. If it makes you feel better, I jumped to Step 5. You can follow my lead, but if you skip steps 1-4, your new file will not be clean and include the tracked changes and comments you were trying to remove.

Microsoft's Metadata Removal Tool

Microsoft also addresses data security with an add-in tool that works with the XP or 2003 versions of Word, Excel and PowerPoint. The tool does an adequate job and adds an item to the File menu. The program is not configurable but does have an option see data prompts.

Using our previous privacy document, the tool removed all but the lowest security items flagged by Workshare TRACE. The remaining low security items appeared to be Smart Tag items without identifying elements.

The program provides some feedback along the way, but you're never sure what was found unless you cancel the process and find the data.

When the process finishes, you get a results log and a cleaner read-only document with a new file name.

Workshare Protect

Today, programs are given away with the expectation the customer will opt for the better tool. Such is the case with Workshare TRACE and Protect. TRACE is the teaser program that identifies your problems. However, Workshare Protect scans and removes the offending items. You might think of the program as a configurable metadata scrubber with some extra security features.

Although the program isn't free, its not going to kill your budget. The pricing is similar to anti-virus or spyware programs offered as an annual subscription. For Protect, the annual fee is a reasonable $29.95 or about 11 cents per business day. The program is considerably more functional than Microsoft's add-in.

The program comes as a stand-alone program, but also embeds toolbars into Outlook, Excel, Word and PowerPoint. This allows you quick access to the programs main functions as you're editing or sending the files. We found the Outlook option useful because it helped correct past errors and prevented new ones. For example, before sending an attachment, the program scans and cleans the file even if it were written before we thought about data security. Even if you don't use the Send with Protect button in Outlook, the program will open the Attachments dialog.

I also appreciated the customization the program offered. Rather than blindly cleaning a file, I could select different parameters including distribution management and password protection. For example, I could restrict the file from being sent to someone outside the company if I used Outlook, Notes or GroupWise. This is a nice feature if people use these email clients as an edit message and block appear when an external email address is found. The edits don't appear if you use non-supported email applications.

The other advantage to having a configurable program is sometimes you want some metadata or other codes. Although removing all hidden codes may make a document safer, it may influence usability. Ive written Word documents where if the field codes, macros, footers or bookmarks were removed, the document would be considerably less functional.

One pleasant surprise was the ability to convert files to PDF. If the recipient only needs to read or print the file, this may be the safest option. A related feature was I could configure the program to zip the file if it exceeded a user-defined size such as 1MB.

One quirk we noticed with Workshare Protect was it didn't return the same security counts when scanning files as Workshare TRACE. Interestingly, Protect reported slightly lower counts. In some regards that was good, as TRACE would flag the occurrence of the word password as a risk even if the data element weren't shown. When we asked the company about the scan differences, we were told this was a temporary situation because of the product release cycles. Timing aside, we were reassured when rescanned the cleaned file using TRACE. We also didn't see the option to Scan Web, which was available in TRACE. In our case, this was a non-issue since the source files were on a local machine.

The company offers a fully functional 14-day trial of the software. This should give users enough time to compare this program with the Microsoft Metadata Removal tool. If a key factor is cost and your needs are simple, the Microsoft tool is sufficient. If you send files outside your organization or post them online, then Workshare Protect is the better choice especially considering the price point.

Additional Resources

Related Articles

Trace Reveals Document Security Issues