Keep Your Presentations from Ending up on WikiLeaks
This past week brought news of another leaked PowerPoint presentation. The US Chamber of Commerce and Bank of America (the latter under threat of an embarrassing WikiLeak revelation about the company) hired private security firms to launch a counteroffensive against WikiLeaks and its supporters including sabotage, disinformation and general discredit the messenger type stuff.
And, of course, with PowerPoint being the way businesses communicate, the group of security firms created a PowerPoint proposal to pitch their services.
There's way more to the story including the fact that both the PowerPoint and thousands of emails from the security firms were hacked by Anonymous (doesn't say much for the security firms' security...), but the moral is that in the age of WikiLeaks and rapidly diminishing digital privacy, you probably want to think about securing your presentations.
Here's how:
#1 - Password Protect your PPT File
When you're in the editing phase and need to keep your sensitive presentation in PowerPoint, add a password to the file—and, of course, do not distribute the password by email.
In PPT 2010, go to File: Info: Protect Presentation: Encrypt with Password... and enter a password that will be needed for anyone to open and edit the presentation.
In PPT 2007, go to Windows Button: Prepare: Encrypt Document...
On the Mac: Historically, Mac versions have provided no support for password security. PowerPoint 2011 allows you to open previously password-protected presentations, but currently the only way to implement security is the Microsoft Rights Management and restricting permissions.
#2 - Convert to PDF and Password Protect File
I always recommend converting PowerPoint files to PDFs before sending to clients or outside of their offices even if security is not an concern. But if the document is sensitive, Acrobat can also apply various levels of security requiring passwords for everything from opening to editing and printing. Unfortunately, adding this kind of security requires Acrobat Pro (not just Acrobat Reader). But if you're working with sensitive files, you might want to drop a few bucks on Acrobat Pro...
#3 - Encrypt via Zipped Folder
If you're still on Windows XP, you can apply password protection after you have zipped a presentation, but sadly, this functionality is gone in Windows 7.
Turn to third party software such as SecureZip.
Of course, it goes without saying that any hacker group that can infiltrate governmental websites can probably also crack a Microsoft password, but if you're not quite engaged in James Bond international intrigue, password protecting files is probably a smart thing to do to deal with the laptop left at a Starbucks...
Further PowerPoint Security Issues & Solutions
There are a few more ways that a PowerPoint file can get you into trouble. Here's how to avoid them:
Remove Speaker Notes, Comments, Off-Slide Data: You might want to distribute your slides to others, but not your speaker notes or comments. You know, the ones that say "Client is being an idiot about this number. Just make them happy." PowerPoint can wipe all of these (and a few other things) away for you with a few clicks. In PPT 2010, go to File: Info: Prepare For Sharing: Inspect Document... In PPT 2007, go to Windows Button: Prepare: Inspect Document...
Avoid the Excel Data Surprise: When you copy and paste an excel chart into PowerPoint, you have options as to whether embed or link the data sheet or to paste as picture. In either of the first two cases, you might be surprised to learn that PowerPoint now has a connection not just to the chart data, but to the ENTIRE EXCEL FILE. What this means is that if you have a company salary data Excel file on your desktop (which you think is secure), but embed in PPT just a cumulative chart from that file, then anyone with access to the PPT file now has access to the entire salary data for your company. This has actually happened more than once, and it can be devastating. Imagine sending a client an embedded file with all of your markup information. The workaround is to paste as a picture (which I generally don't like doing) or create a separate Excel file from which to link or embed.