| |
 | | http://www.securitymanager.net/magazine/news_h10661_bitform_releases_tool_that_identifies_hidden.html |
Bitform Technology Inc. announced the availability of Bitform Discover, a free desktop utility that identifies metadata and hidden information in Microsoft(R) Office documents. Bitform Discover is designed to provide end users and IT/Security professionals with a high-performance means of quickly scanning file repositories for sensitive information that may be unwittingly exposed to third parties when files are published or shared. The product produces comprehensive reports that detail the potentially sensitive data elements found in Word, PowerPoint(R) and Excel files.
Metadata is the information about the file, which may include author names, email addresses, company name, document summary information, and other details commonly found in "Properties" under the File menu in the Microsoft Office applications. Hidden and sensitive information can include deleted text, printer names, qualified local and network paths, SQL query strings (including database names), routing slip details, sensitive hyperlinks, comments, and redlines (tracked changes), to name a few. "This information, when exposed, may breach corporate policy and confidentiality guidelines, interfere with compliance practices, and create new security holes" according to Joe Keslin, Founder and CEO of Bitform.
"The risk of metadata and sensitive hidden information leaking from Office documents is a growing problem that we understand well," said Scott Rolf, Director of Information Technology at Tucker Ellis & West LLP. "Bitform Discover provides the most intuitive, robust analysis of documents of any tool we've seen to date. We also welcome Bitform's approach to solving this issue by having application vendors integrate an automated solution directly into existing applications because it's the only way to ensure 100% compliance."
As part of their research, Bitform analyzed more than 20,000 publicly-available documents found on the Web. Despite being published for public consumption, 97% of the Word documents contained author history, 74.8% contained paths (showing the location where the file was saved by the author), and 20.7% contained network share names (exposing corporate network naming conventions). Forty percent of the PowerPoint presentations contained earlier versions of modified slides, which are not visible to the author when using the PowerPoint application. Almost a third of the Excel files contained network share names. "These figures were surprising when you assume that documents published to the Web come under greater internal scrutiny and review prior to publishing than do the files individuals within organizations share with partners, prospects and customers every day," said Keslin. "We expect an even higher rate of sensitive information being exposed in the typical business-to-business interaction represented by e-mail attachments and partner extranets," added Keslin.
Bitform Discover is available for free download at www.bitform.net. Written in Java, the product runs on multiple platforms and does not require the native Microsoft Office applications to analyze files.
19.01.2005, Bitform Technology Inc.
| |
| |
| |
© 1999-2008 | |
| |
