Securing Outlook Items

There are several ways to secure your Outlook items. You can add some basic security to your individual items by marking them private, or you can secure your entire Personal Folders file. Additional steps can be taken when using Outlook as a client for Exchange Server.

You can take security to the next level by using digital certificates and digital signatures. At that point, you should make sure that your computer is physically secure because after you attach a digital signature to your email messages, you want to ensure that you're the only one sending those emails. Otherwise, someone could use the digital certificate to impersonate you when sending messages.

Mark Items as Private

When you create certain Outlook items, such as calendar items, journal entries, and tasks, you can mark them as private. This can hide them in several circumstances. If you're sharing a folder with another user, private items are not displayed to the other user. If you give someone delegate access, you can choose whether your delegates can view your private items.

To create a private appointment, check the Private check box on the first page of the Appointment form. After you mark an item as private, you can view the item, but others with access to your folder see only the existence of the item. For example, when viewing the Calendar folder of another user, Figure 25.1 shows a meeting that isn't marked private at 9 a.m. and an appointment that's marked private at 11 a.m.

If you've given another Exchange user delegate access to any of your folders, you can choose whether or not to allow that user to view private items. To check this option, select Tools, Options, and click the Delegates tab. Select the delegate and click Permissions to display Figure 25.2. If you want to hide your private items from your delegate, uncheck the box marked Delegate Can See My Private Items.

Securing a Personal Folders File

If you're not using Outlook as a client for Exchange Server, or if you aren't storing your Outlook items on the Exchange Server computer, you must be using a Personal Folders file. You can secure your Personal Folders file with a password to make it more difficult for others to open that file without your permission.

NOTE

Although you can set a password on your Personal Folders file, doing so doesn't guarantee that no one can open your Personal Folders file. Password-cracking utilities are widely available on the Internet. A good password-cracking utility can be had for under $50. Even though this can be a lifesaver if you ever forget your Personal Folders file password, it also means that an unscrupulous person can crack your password for very little money.

To create a password for your Personal Folders file, use the following steps:

Exchange Server Security

When you use Outlook as a client for Exchange Server, you can take some additional measures to protect your data. First of all, you can require Outlook to ask for a password before it opens. Second, you can control who can access your data and the level of access they have through permissions.

Logon Security

If you use Outlook as an Exchange client, the default configuration is to use NTLM security to access your Exchange mailbox. That means to log on to your Exchange mailbox, you must first be logged on to Windows with the user account associated with your Exchange mailbox. Although this is the easiest method of accessing Outlook as an Exchange client, it doesn't provide any extra security. As long as you've logged on to Windows, anyone can access your Outlook profile.

You can change the authentication method Outlook uses and require that your password be entered every time Outlook is opened. This does nothing for the physical security of your computer or its data, but it prevents anyone who doesn't know your network password from accessing Outlook. To change your authentication method for Outlook, use the following steps:

The next time you start Outlook, you'll be required to enter your username, password, and domain to access your Outlook data, as shown in Figure 25.7. You'll have to enter your username and domain in the format domain\username. If an incorrect password is entered, Outlook won't open.

After you've entered your username, password, and domain, subsequent openings of Outlook will require you to re-enter only your password. The other information is saved unless someone else is also using your computer to access Outlook.

Encryption

Outlook 2003 offers one additional security feature when connecting to an Exchange Server: encryption. You can choose to encrypt your data as it travels between the client and the server. When the data reaches either the client or the server, it is decrypted. Choosing to encrypt your Outlook data does nothing for the data residing in Personal Folders or Archive files, but it offers an additional layer of security as your messages are transmitted between client and server.

To add encryption to your Exchange email account, use the following steps:

Using Permissions

If you share your Outlook data with other users through Exchange Server, you can specify the exact permission level they have on all your Outlook items. For example, if you have an assistant, you can give him access to your Calendar folder so that he can schedule meetings for you while you're out of the office. However, you don't want him to be able to change any of your existing meetings. To do this, right-click your Calendar folder and select Properties. Choose the Permissions tab and configure your permissions to match those in Figure 25.8.

You can give your assistant Contributor access to your folder. Your assistant can see the folder, but he cannot see any of the items in the folder. He also can't edit any items in the folder, even the items he creates.

For more information on Exchange Server permission levels, see "Granting Access to a Public Folder," p. 705.