How to prevent docs with hidden data from leaving your outbox

By Patrick Biz
Contributing Writer, [GAS]

Not only could this be very embarrassing, it could also hurt your reputation and even expose you to legal actions. Before exchanging documents with tracked changes, you should always make sure the final copy is sanitized and cleared of any sort of hidden data. Take your data security and integrity to the next level by installing SendShield, a first line of defense against hidden data in incoming and outgoing documents.

A Worst case scenario

A finance department assistant prepares a document showing the projected sales for the year to come. Once a first draft is completed, the document is sent to the finance director.

The director turns on Track Changes in Excel and increases some projected sales values thinking employees would be delighted by the goals for the upcoming year. On the cell showing off the estimated revenues, he adds a comment aimed at the vice president:

“Hey Bob, I think we should revise these numbers up. Even if we don’t reach them by the end of the year, it might prevent some departures in the next few months as we expect a decrease in sales.”

Bob gets the spreadsheet, looks at the numbers, and adds his comment:

“Good idea, these kids in IT would surely jump on the occasion to leave the company. Let’s keep ’em in the dark.”

Bob hides the changes to see how the spreadsheet looks, gets a call, and makes a careless mistake while talking on the phone: He approves the document and sends it back to the assistant.

The assistant looks at the spreadsheet, and since everything looks fine, emails it to all employees. Ouch!

Unfortunately, situations such as this one are happening regularly. Check out this page to read a few nightmare stories that got media attention.

How can IT prevent this?

I recently stumbled on SendShield, a free software that installs itself as an Outlook plugin and scans attached office documents for hidden data. The application works at the client level, so it should not be seen as a server application.

Precisely, SendShield searches for the following items:

  • Tracked Changes
  • Comments
  • Hidden rows, columns and sheets (Excel)
  • Formulas

System requirements & download

  • Windows XP, Windows Vista or Windows Server 2003
  • Office 2007 or Office 2003 (coming soon: Office XP/2000)
  • Microsoft .NET 1.1
  • 15 MB disk space
  • 512 MB RAM

You can download SendShield for free without the need to go through a lengthy registration process. Before running the installation, make sure all Office programs are closed (including Outlook.)

How it works

SendShield kicks in as soon as you attach a Microsoft Office document into an Outlook email. It scans the file and displays a warning that you can’t really miss.

If you don’t take action at this point, you’ll be prompted once again when sending your email. This time, SendShield pops up an Unclean Attachments warning box requesting an action:

  • Either you let SendShield clean the attachment(s) (I gave this option a few try and it makes a perfect job.)
  • Or you can decide to leave the file(s) intact

SendShield has another interesting feature: it scans Office documents received by email. This could allow you to view hidden data you shouldn’t have been exposed to.

Summary

Just as a precaution, I strongly recommend Outlook users, especially those in the corporate world, to deploy SendShield. Give it a try with a few test users, and if you get good results, push it to everyone. Who knows how many embarrassing situations this could save you? Have you ever been exposed to hidden data in Office apps?


Geeks are Sexy needs YOUR help. Learn more about how YOU can support us here.