We have just installed the MS Office 2013 Pro (Vol Lic) version and need to get some questions answered.
Once Office 2013 is installed the user see's that he is "logged in" as his Active Directory user login for the computer.
As our company considers the cloud-centric infrastructure and changes inherent to Office 2013 (and by proxy, Windows 8 and Windows Server 2012), a number of critical security concerns were identified in our weekly IT meeting. The following list itemizes the most urgent of these concerns.
(While reading the questions below please assume that we will not be logging into any Microsoft account with Office 2013.)
1. Are documents from the local system being sent to Microsoft as suggested by the account synchronization screen?
a. If so, under what circumstances? Can this be disabled?
2. Are the domain credentials (username and/or password) for the locally logged in user being sent to Microsoft?
3. What ‘configuration data’ is being sent to Microsoft?
a. What circumstances govern the transmission of this configuration data?
b. Is this data generic in nature or personally identifying?
4. Are there safeguards available to ensure that sensitive files are not transmitted to Microsoft when opened in a Microsoft Office application?
5. Are there hardware and software based safeguards that can detect and/or prevent the transmission of sensitive data to Microsoft or the exploit of these mechanisms by a third party? Any assistance with this is greatly appreciated.
Any assistance with this is greatly appreciated.
FSRjr