Thread: Spreadsheet Security
View Single Post
  #3   Report Post  
Posted to microsoft.public.excel.programming
Adrian Gallero Adrian Gallero is offline
external usenet poster
  
Posts: 2
Default Spreadsheet Security
Lee Meadowcroft wrote:
Hi,

My question is how can I best secure my spreadsheet to prevent other
organisations from using it as their own? There are legal issues which
could affect my company should others make mistakes as a result of
using my spreadsheet; regardless of whether or not they used it with
my consent.

I am not a lawyer, but i find this not very likely. If they are using
your spreadsheet without your consent you should have not any
responsability. I would ask for some legal advise on this one.

About Excel, there is really little security you can add to an xls
file. Most of the "security" things are just a record inside the xls
file that says "do not open me". By editing the file and removing those
records, you can access almost everything on seconds.


The spreadsheet currently has locked and hidden cells,

No security here.

password protected sheets and password protected VBA code.

No security here either, at all.

I am aware that excel passwords are relatively easy to crack,
regardless of length or
complexity.

It is not that they are easy to crack, is that you can bypass them
completely with no effort. And you do not need too much technical
knowledge either. Just try to open your file with openoffice, and take
a look at the macros, protected cells, etc.

Ideally I would like to convert the software to a
standalone application but am not prepared to pay for software to do
this as I dont intend on selling the spreadsheet and therefore cannot
recover the cost of any software.

This might be an option, but it is never 100% safe anyway. If an user
can use it on your company, he can use it outside your company.


Are there any more advanced security tools availble within excel that
can better protect my spreadsheet?


The only thing that really adds some security to an xls file is the
Password to open (Tools-Options-Security) If you are using XP/2003,
you can also select the encryption mode, and use something better than
the standar office 97 encryption (that can be easily cracked too)

You will see that if you have a password to open, OpenOffice will ask
for the password for the document. This is so because you can not
really open it without it, since the file is encrypted.

Of course, the drawback of the "password to open" is that you need to
tell your users which password it is, or they will not be able to open
the file. So if someone is using your file, he has to know the password
to open too.

Also, there are tools that can make a brute force attack on the
password to open. If the password is too simple they might guess it,
even if it is not encrypted.

I thought about using the VBA to switch off all mens and buttons
except for open, save and save as such that it is not easy to
unprotect the sheets or enter the VBA processor but am not sure if
this is any better than doing nothing.

I think it is not better than doing nothing. You can just disable the
macros when you open the file. Hiding tools /buttons might be good to
help some inexperienced user (so he will not get lost) but it is not a
security measure, IMHO.

Any advice would be much appreciated.

Well, this is what I can think, sorry if my opinion is not very
positive. But this is the experience I have.

Best regards,
Adrian.
Reply With QuoteReply With Quote