There are several ways to secure your Outlook items. You can add some basic security to your individual items by marking them private, or you can secure your entire Personal Folders file. Additional steps can be taken when using Outlook as a client for Exchange Server. You can take security to the next level by using digital certificates and digital signatures. At that point, you should make sure that your computer is physically secure because after you attach a digital signature to your email messages, you want to ensure that you're the only one sending those emails. Otherwise, someone could use the digital certificate to impersonate you when sending messages. Mark Items as PrivateWhen you create certain Outlook items, such as calendar items, journal entries, and tasks, you can mark them as private. This can hide them in several circumstances. If you're sharing a folder with another user, private items are not displayed to the other user. If you give someone delegate access, you can choose whether your delegates can view your private items. To create a private appointment, check the Private check box on the first page of the Appointment form. After you mark an item as private, you can view the item, but others with access to your folder see only the existence of the item. For example, when viewing the Calendar folder of another user, Figure 25.1 shows a meeting that isn't marked private at 9 a.m. and an appointment that's marked private at 11 a.m. Figure 25.1. You can mark items private so that their details don't appear to others sharing your folder.If you've given another Exchange user delegate access to any of your folders, you can choose whether or not to allow that user to view private items. To check this option, select Tools, Options, and click the Delegates tab. Select the delegate and click Permissions to display Figure 25.2. If you want to hide your private items from your delegate, uncheck the box marked Delegate Can See My Private Items. Figure 25.2. You can prevent your delegates from seeing your private items.Securing a Personal Folders FileIf you're not using Outlook as a client for Exchange Server, or if you aren't storing your Outlook items on the Exchange Server computer, you must be using a Personal Folders file. You can secure your Personal Folders file with a password to make it more difficult for others to open that file without your permission. NOTE Although you can set a password on your Personal Folders file, doing so doesn't guarantee that no one can open your Personal Folders file. Password-cracking utilities are widely available on the Internet. A good password-cracking utility can be had for under $50. Even though this can be a lifesaver if you ever forget your Personal Folders file password, it also means that an unscrupulous person can crack your password for very little money. To create a password for your Personal Folders file, use the following steps:
Exchange Server SecurityWhen you use Outlook as a client for Exchange Server, you can take some additional measures to protect your data. First of all, you can require Outlook to ask for a password before it opens. Second, you can control who can access your data and the level of access they have through permissions. Logon SecurityIf you use Outlook as an Exchange client, the default configuration is to use NTLM security to access your Exchange mailbox. That means to log on to your Exchange mailbox, you must first be logged on to Windows with the user account associated with your Exchange mailbox. Although this is the easiest method of accessing Outlook as an Exchange client, it doesn't provide any extra security. As long as you've logged on to Windows, anyone can access your Outlook profile. You can change the authentication method Outlook uses and require that your password be entered every time Outlook is opened. This does nothing for the physical security of your computer or its data, but it prevents anyone who doesn't know your network password from accessing Outlook. To change your authentication method for Outlook, use the following steps:
The next time you start Outlook, you'll be required to enter your username, password, and domain to access your Outlook data, as shown in Figure 25.7. You'll have to enter your username and domain in the format domain\username. If an incorrect password is entered, Outlook won't open. Figure 25.7. Enter your username, password, and domain to log on to Outlook.After you've entered your username, password, and domain, subsequent openings of Outlook will require you to re-enter only your password. The other information is saved unless someone else is also using your computer to access Outlook. EncryptionOutlook 2003 offers one additional security feature when connecting to an Exchange Server: encryption. You can choose to encrypt your data as it travels between the client and the server. When the data reaches either the client or the server, it is decrypted. Choosing to encrypt your Outlook data does nothing for the data residing in Personal Folders or Archive files, but it offers an additional layer of security as your messages are transmitted between client and server. To add encryption to your Exchange email account, use the following steps:
Using PermissionsIf you share your Outlook data with other users through Exchange Server, you can specify the exact permission level they have on all your Outlook items. For example, if you have an assistant, you can give him access to your Calendar folder so that he can schedule meetings for you while you're out of the office. However, you don't want him to be able to change any of your existing meetings. To do this, right-click your Calendar folder and select Properties. Choose the Permissions tab and configure your permissions to match those in Figure 25.8. Figure 25.8. The permissions shown here allow your assistant to create new items, but not to edit any items.You can give your assistant Contributor access to your folder. Your assistant can see the folder, but he cannot see any of the items in the folder. He also can't edit any items in the folder, even the items he creates.
For more information on Exchange Server permission levels, see "Granting Access to a Public Folder," p. 705. |