Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Why should I not "Allow Trusted Locations on my network"?

Posted on 2010-09-14
3
Medium Priority
?
1,170 Views
Last Modified: 2012-05-10
I am trying to understand more about the Trust Center in Office 2007. I discovered early on that the Trust Center can only point to the hard drive.

Somehow I overlooked the check box for "Allow Trusted Locations on my network (not recommended)". From what I gather on the Microsoft site, this is primarily because there is no accountability with most network drives, unlike the hard drive, which is controlled by individual users.  Are there other compelling reasons to not include network drives in the Trusted Locations?
0
Comment
Question by:jkunrein
3 Comments
 
LVL 120

Assisted Solution

by:Rey Obrero (Capricorn1)
Rey Obrero (Capricorn1) earned 600 total points
ID: 33672481
i believe that is the only reason as what was stated in the Microsoft site. Anybody who has permission to the network shared folders can place anything in the folder including files with malicious  codes.
0
 
LVL 28

Accepted Solution

by:
omgang earned 700 total points
ID: 33672588
I'm curious to see what other have to say but here's my take on it.  I have specified my personal network directory (on our corporate network) as a Trusted location.  For apps I deploy to some of our users I also set their personal network directory as a Trusted location for them so that they do not receive the security prompt when using my apps.

Assume a user set an entire, public (everyone in the company), share as a Trusted location.  While browsing around they see an Access db and wonder "hey, I wonder what that's for?" so they open it.  If it contained harmful code it could be bad.

But, what if the user simply copied the Access db and dropped it into a Trusted location on their local hard drive?  What if the user received an Access db from someone outside the company and saved it to a Trusted location on their hard drive?  What if they downloaded an Access db from the web and....?

Ultimately, the user can still activate code by clicking Allow at the security prompt and/or by creating placing the db file into a Trusted Location.  The secuirty prompt is a notification to the user that the file contains executable code and they need to consider that before activating/enabling it.

OM Gang
0
 
LVL 74

Assisted Solution

by:Jeffrey Coachman
Jeffrey Coachman earned 700 total points
ID: 33673949
Just another theory here...

In today's  "Connected" world, the term "Drive" can mean almost any storage location.

So theoretically you could access a "Network" drive over the web.
This just opens up all types of security considerations.

So simply stating "Not recommend" is a good upfront warning.

Remember, from a casual user's stand point they will simply be tempted to make "Everything" trusted.
As far as they are concerned, this will get rid of that "annoying" message for every location, forever.
:-O

So this at least the let's then know that it is "not recommended", so at at the very least they will (Hopefully) ask someone before proceeding...

;-)

I too am interested in other Expert comments on this subject.

JeffCoachman
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have had my own IT business for a very long time. I started mostly with hardware and after about a year started to notice a common theme. I had shelves with software boxes -- Peachtree, Quicken, Sage, Ouickbooks -- and yet most of my clients were…
In this article, I will demonstrate that how to do a PST migration from Exchange Server to Office 365. This method allows importing one single PST, or multiple PST's at once.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Enter Foreign and Special Characters Enter characters you can't find on a keyboard using its ASCII code ... and learn how to make a handy reference for yourself using Excel ~ Use these codes in any Windows application! ... whether it is a Micr…

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question