Why should I not "Allow Trusted Locations on my network"?

I am trying to understand more about the Trust Center in Office 2007. I discovered early on that the Trust Center can only point to the hard drive.

Somehow I overlooked the check box for "Allow Trusted Locations on my network (not recommended)". From what I gather on the Microsoft site, this is primarily because there is no accountability with most network drives, unlike the hard drive, which is controlled by individual users.  Are there other compelling reasons to not include network drives in the Trusted Locations?
LVL 9
jkunreinAsked:
Who is Participating?
 
omgangConnect With a Mentor IT ManagerCommented:
I'm curious to see what other have to say but here's my take on it.  I have specified my personal network directory (on our corporate network) as a Trusted location.  For apps I deploy to some of our users I also set their personal network directory as a Trusted location for them so that they do not receive the security prompt when using my apps.

Assume a user set an entire, public (everyone in the company), share as a Trusted location.  While browsing around they see an Access db and wonder "hey, I wonder what that's for?" so they open it.  If it contained harmful code it could be bad.

But, what if the user simply copied the Access db and dropped it into a Trusted location on their local hard drive?  What if the user received an Access db from someone outside the company and saved it to a Trusted location on their hard drive?  What if they downloaded an Access db from the web and....?

Ultimately, the user can still activate code by clicking Allow at the security prompt and/or by creating placing the db file into a Trusted Location.  The secuirty prompt is a notification to the user that the file contains executable code and they need to consider that before activating/enabling it.

OM Gang
0
 
Rey Obrero (Capricorn1)Connect With a Mentor Commented:
i believe that is the only reason as what was stated in the Microsoft site. Anybody who has permission to the network shared folders can place anything in the folder including files with malicious  codes.
0
 
Jeffrey CoachmanConnect With a Mentor MIS LiasonCommented:
Just another theory here...

In today's  "Connected" world, the term "Drive" can mean almost any storage location.

So theoretically you could access a "Network" drive over the web.
This just opens up all types of security considerations.

So simply stating "Not recommend" is a good upfront warning.

Remember, from a casual user's stand point they will simply be tempted to make "Everything" trusted.
As far as they are concerned, this will get rid of that "annoying" message for every location, forever.
:-O

So this at least the let's then know that it is "not recommended", so at at the very least they will (Hopefully) ask someone before proceeding...

;-)

I too am interested in other Expert comments on this subject.

JeffCoachman
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.