Everyone is familiar with the saying "what you see is what you get". In many situations, it's quite possible to get more than what you see with some Microsoft products because of the way changes are tracked and metadata. Add in a small dose of carelessness and you have the makings of a disaster. Like most disasters, there are preventive steps. One quick measure is to use a free document security software package from Workshare called Trace.

Anyone who uses Microsoft Word appreciates the ease at which you can compose your thoughts and share them with others. Seldom do we create documents for our sole use. Instead, we collaborate with co-workers or partners. We routinely attach these files in an email and send them others. I would not want to give up these features as they allow me to be more productive.

Traces of Document Information

These features do come with some hidden benefits if you'll forgive the pun. Depending on how you use Microsoft Word, Excel and PowerPoint, you could be leaving behind traces of information that should not be shared. Sometimes this is metadata, which is identifying information about the document such as author, reviewers, company and so on. Other examples include:

• Identity information
• Tracked changes
• Comments
• Last 10 authors
• File paths
• Speaker notes

Determining the Security Risk

At first glance, you might think, "so what" or "what's the harm". The answer varies for each user. One way to get a good assessment is to use Trace. Using this tool to scan Microsoft Word and Microsoft Excel files, I found some very interesting information among files I've received.

• A vendor sent me a contract that was changed from another client. I could see the changes that were made and by whom. These included the other company's name, contact and billing info. Moreover, the billing info included a credit card number.
  
  
• Several resumes showed that someone else prepared the resume other than the applicant. A similar issue was seen with corporate press releases.
  
  
• A Request for Proposal (RFP) with comments that might influence how recipients might bid. I could also see where the file was stored on their system.

Trace works by scanning your files and folders for various items ranging from identity information to profanity. These items are ranked by risk level ranging from High Risk to Low Risk. Low risk examples might include Microsoft Smart Tags. Each of the examples above was flagged for high-risk content. Based on the content, Trace will provide a score from 1-5 and detail the risks. In the screen snap below, you can see one of my documents had 171 high-risk elements and scored a 5.

I'll admit I couldn't believe how I could have 171 high-risk items in one document. A little research and I was able to see how this document was created. This document started as a Microsoft Word template I found on the web and customized. As a result, each of my changes was flagged as high risk. You can see an example below where I deleted a paragraph referencing "survey and contests" since we weren't planning to use them.

What I didn't expect to see were deleted email addresses and changes from the people who created the template. If you use boilerplate contracts or templates, your documents may also include these types of changes.

Although Workshare's Trace can't fix these issues for you, it can alert you to problems. The program has a feature called "Enable Active Monitoring" which places an icon in your system tray. The icon changes colors based on the degree of risk. The program can also display a balloon if it spots high or medium risk items. For example if I were to type a VISA credit card number, I would get an alert such as the one below.

I found the program quite informative and easy to use. We wished the program were a bit faster and worked on password-protected files, but for a free program, we can hardly complain.

In our next article, I'll discuss some ways that you can correct problems that Trace identifies. Until then, we would recommend you use Trace to see where you might be revealing more information than you should.

• Version Reviewed: Trace 2.0
• Cost: Free
• Requires: Windows 2000 or Windows XP, Office 2000 and above and .NET framework
• URL: http://www.workshare.com/products/trace/default.aspx

Related Security Articles

• Removing Sensitive Data from Documents
• Google Search on Minimizing MetaData for Microsoft Products