Protecting Excel: Not as Easy as It Looks

Padlock cyber security

Many workers keep extremely sensitive information on the lowly Microsoft Excel worksheet. If the worksheet resides on a network share, then network security will protect files to its fullest extent. However, many of them reside on laptops.  Many laptop users password-protect their laptops and many don’t. If a thief can get past the login screen, then most of the laptop’s documents are ripe for the taking unless they are individually password protected and encrypted.

Worksheet password protection is a good start. If a user has password-protected their Excel worksheets and/or locked ranges, that is another layer of security that will deter a casual opportunist. There is however at least one freeware program available on the Web that easily breaks Excel 2010 and earlier passwords, even strong ones. It’s made for users who forget their passwords and need to recover their documents. VBA coding tutorials are also easily available and allow users to break forgotten passwords. But this freely available information also makes a data thief’s job much, much easier.

Microsoft beefed up worksheet encryption and password security for Excel 2013 but a password cracker software can get past that as well. And since native Excel security has no location- or user-sensitive security settings, if someone can access a worksheet they can copy it wherever they want to… as many times as they want to.

Best Practices for Storing Sensitive Spreadsheets on Your Laptop

  1. Use a software that encrypts the contents of its hard drive. Most encryption products will allow you to choose to encrypt the entire disk or protect individual sectors.
  2. Have your laptop act as a thin client by storing files to the cloud. This usually requires corporate support since you will want a fast enough connection to work on files without having to move them back and forth to the cloud.
  3. Choose a strong password for Excel: the longer and more random the characters the better. Regularly changing the password is also a good practice.
  4. Use vendor products that help to protect Excel content. These roughly fall into two categories: individual and small group Excel protection, and enterprise endpoint data protection solutions.

For individual laptop users or workgroups who need to protect Excel worksheets, Worksheet Sentry software encodes worksheets with different access levels for authorized users. For example, although the creator may have full password-protected access onto a full worksheet, other authorized users may only be able to view some data and be unable to copy or access protected ranges or formulas. Location security also encodes worksheets so they will only display on authorized PCs.

XLS Padlock is an Excel workbook protection software. It compiles the three data segments of Excel into secure applications: worksheets, VBA codes and formulas. The software controls user access to secure file distribution and copying rights.

Some bigger vendors provide data security and protection for endpoint devices, including strong encryption and private clouds for file storage. Commvault Endpoint Data Protection integrates with Sympana but is also a modular standalone product. Commvault backs up edge data including Excel worksheets, provides a private cloud data storage environment, and encrypts laptops.

Druva inSync is an endpoint protection pioneer. Along with endpoint backup, inSync protects shared files and integrates with Active Directory, and provides data loss prevention (DLP) with remote wiping, geo-location, and protected hard drives.

If you are an Excel worksheet user, take advantage of company-provided data security. If your company does not provide endpoint protection – and many of them do not – then use Excel 2013, strong passwords, and avail yourself of the worksheet security products that are out there.

If you are IT and your laptop users have confidential worksheets, and you do not provide endpoint protection – please start. The consequences of exposing confidential spreadsheet information can be very painful.