PolicyPak for Microsoft Office 2010

PolicyPak for Microsoft Office 2010

PolicyPak for Microsoft Office 2010

It’s the flagship Office application for Microsoft.  Nearly all of your users utilize it each and every day.  It’s one of those bread and butter applications suites your users depend on.

That’s why you can’t afford to have your users constantly altering the configuration settings of this key product your business users run every day.

PolicyPak sets and enforces expectations for your users’ applications, so that they get the same experience, every time they launch it.

Ensure your Office settings are dictated and ensured using PolicyPak. Get those settings out there using Group Policy, SCCM or your own management tool. Check out this video to see how it’s done:

Our PolicyPak software controls all of the applications that make up the Office 2010 application suite. That snaps-in to the Group Policy Editor gives you the same user interface as Office 2010 itself.

Here are some examples.If we start off with Outlook 2010 you can set key settings such as “Don’t download pictures automatically in HTML e-mail messages or RSS items.”

There are many important security settings in Outlook that govern your critical email communications.  In “Programmatic Access,” you definitely want your users to be“Warned about suspicious antivirus activity when their antivirus software is inactive or out-of-date.”

Security may not seem as important an issue for Word as it is Outlook, but there are many important security settings that protect your client systems from Word files that your users download and open every day.  In this example you are ensuring that your users have “Protected View” enabled.

Like all of the Office 2010 applications, Word has some very important configuration settings governing Add-ins such as “Require Application Add-ins to be signed by a Trusted Publisher.”

“Privacy Options” are configurable in all of the Office 2010 applications including Excel as is shown below.

And one can never forget the importance of Managing “Active-X settings” through Excel and the entire application suite.  Here you can enforce “Disable all controls without notification.”

With PolicyPak, you’re the one in control.

Besides, once you’re using PolicyPak to manage Microsoft Office 2010, you’ll also get to manage all your other enterprise desktop applications the same way: Flash, Java, Firefox, Lync and any custom applications you have. They’re 100% included – absolutely free.

It’s all included when you’re a PolicyPak Professional customer.

PolicyPak was designed by Microsoft MVP, Enterprise Mobility Jeremy Moskowitz – who “wrote the book” on Group Policy, runs GPanswers.com, and lives and breathes Group Policy and enterprise software deployments and desktop lockdown.

When you’re ready to get serious about managing Microsoft Office 2010 using Group Policy or SCCM, PolicyPak is ready for you.

Manage Office 2010 with Group Policy video transcript

Hi, this is Jeremy Moskowitz, Microsoft MVP, Enterprise Mobility and Founder of PolicyPak Software.  In this video, we’re going to learn how to configure some of the Office 2010 applications using PolicyPak.

I’ve already got Office 2010 installed on my computer, and I’m just a regular user here.  As you can see, I’m logged on as a guy called “eastsalesuser4.”  I’ll open up Outlookto start with and go to Options, and examine the configuration settings a user has access to, which can mess up your day.  We have lots of settings in this application but as a network administrator, I’m most interested in the “Trust Center Settings.” As you can see here we have some security settings that are unique to Outlook such as “Email Security,” “Attachment Handling” and “Programmatic Access.”

If I open up Microsoft Word and review my “Trust CenterSettings” we see some more tabs that important to this application as well such as “Protected View“ and “Attachment Handling.”  Finally, if I open up Microsoft Excel, we have some“Trust Center Settings” here that are common to many of the Office 2010 applications such as “Privacy Options” and “ActiveX Settings.”

Let’s see how we can ensure compliance and perform desktop management of settings quickly using PolicyPak.  I’ll go ahead and switch over to my Management Station computer.

We’ll go ahead and right click over our “East Sales Users”, “Create a GPO” and we’re going to call it “Manage Office 2010.”  So this GPO is now associated with the “East Sales Users.” I’ll right click over it.  I’ll click “Edit…” I’ll dive down under “User Configuration,” “PolicyPak/Applications/New/Application.” There it is, “PolicyPak for Microsoft Outlook” along with other applications like “Java,” “Flash” “Firefox,” “Skype” and lots of other important desktop applications that your users utilize every day (and you want to make more secure.).

Let’s start with Outlook once again.  Let’s go to “Email Security” and let’s check “Encrypt contents and attachments for outgoing messages” “Add digital signature to outgoing messages” as well as “Read all standard mail in plain text.” Notice how when I initially checked these settings that the text became underlined.  That means that the setting values are going to be delivered to the user.  Next let’s go to “Automatic Download” and let’s uncheck “Don’t download pictures automatically in HTML e-mail messages or RSS items.”

Now let’s go back to our GPO and let’s add the application, Microsoft Word 2010 which will give us the interface we need to manage that application.  Your users frequently download Word files so you want to ensure that “Protected View” is enabled on all accounts.  While we’re at it, let go to “Add-ins” and ensure that “Require Application Add-ins to be signed by a Trusted Publisher” is enabled.

Now I will go back to my client machine, we’ll get a command prompt and run “gpupdate.”  Now you could envision the user logging on for the very first time, using a Terminal Services or Citrix machine, using a VDI session, changing job roles, or getting a new computer.   I just happen to be using gupdate.

Now that that’s done, let’s go ahead and reopen Outlook.  We can see that our desired settings within “Trust Center Settings” have been delivered. We can then open up Microsoft Word and verify the delivery of our settings as well.  PolicyPak is doing its job.

Let’s configure one more application within the Office 2010 suite.  Let’s return to my management station computer and add one last application, Microsoft Excel 2010, to our GPO.  You would want “Privacy Options” configured for all of the Office 2010 applications, but for the sake of this video, we’ll just configure them within Excel. Notice that I am going to enforce the unchecked values for many of these settings.  Finally, I will go to “ActiveX Settings” and select “Disable all controls without notification.”

Now I will go back to my client machine but this time I’m going to log off as eastsalesuser4 and log on now as eastsalesuser5.  Now let’s open up Microsoft Excel and confirm that those settings have been delivered as well.  Just to demonstrate the controlling power of PolicyPak, let’s pretend that eastsalesuser5 is trying to modify and work around your settings.  I know you know users who love to do this, and make the machine less optimal and secure.

Now let’s close the application and reopen it and we see once again that PolicyPak has simply reverted the user’s settings right back to your desired settings.  Even if the user is offline, your settings are always preserved because PolicyPak is always working for you in the background, making the job of you the administrator, easier.

PolicyPak performs the magic. To get the magic delivered, you can use Group Policy, SCCM, LanDesk, KACE or your own systems management software. We just happen to be using Group Policy to deliver PolicyPak directives in this demonstration.

And we are done.  That is how incredibly easy it is for you to use PolicyPak to manage the Office 2010 suite is well as tons of other desktop applications.

If you’re looking for a trial of PolicyPak, just click on the “Webinar / Download” button on the right.

Thanks so much for watching, and get in touch with us if you’re looking to get started. Talk to you soon.