Thread: I hope to get many responses on this.
View Single Post
  #2   Report Post  
Posted to microsoft.public.excel.programming
joel joel is offline
external usenet poster
  
Posts: 9,101
Default I hope to get many responses on this.
The excel password is easy to break in less than 5 minutes. There are
programs readily available or the web to do this. I would lock the workbook,
but when you get a filled workbook back extract the data only and put it not
your own templet. Also perform checks to make sure the file you get back was
correctly entered. It is possible that the workbook will get unlocked and
any formulas may have gotten changed. This is the only way to insure that
the file wasn't changed or modified incorrectly.

"Steven" wrote:

I am currently in pain over the Sarbanes-Oxley rules and what they are
requiring. I am not sure if I am so upset over the requirements or what
appears to be manangements and Sarbanes auditors lack of knowledge of how to
use excel. The Sarbanes people want to throw more people at every issue and
my feeling is the real issue is their lack of knowledge of excel. Here is a
general idea of my proposal. I feel it would probably take care of half of
what they call deficiencies.

My question is how secure it this: I have to send a pre formatted excel
file "File01" to 10 subsidiaries so they can input thier month end financial
data. The file has 12 sheets. I passworded each sheet and only made
unprotected cells where I want input. I also passworded the workbook. I
also passworded the file. Now to open the file I also send each user a
second file "File02", it's sole purpose is to open the first file with code
which the VBA is also passworded. What I am telling the Sarbanes-Oxley
people is the file is secure and I will know if I get the correct File01
back becuase the first process when I open the file is to see if the file has
a password. If they do not send me the correct file then either the file
will not open because it has the wrong password or they used another file
with no password which I will catch when I ask if the file has a password. I
want to use this method because when I get the 10 files back I can do
basically anything I want with the data using macros to automate the combing
of data anyway that I want. Question: How secure is this method in that the
user will have to use File02 as the opening file to force use of File01 that
has file, workbook and worksheet protection. How easy would it be for
someone to get past all that security? Note: I am thinking if they get past
the file password it will not do them any good because they will not be able
to get past the Workbook and Worksheet security. I will also be testing each
files passwords for Workbook and Worksheet.

Thank you for your comments.

Steven
Reply With QuoteReply With Quote