Understand Windows Security

Before we talk about Excel security, it is important to explain some general concepts related to the Windows operating system. This may seem basic to some of you, but Windows security features are somewhat hidden and it’s a good idea to cover them somewhere.

Permissions are a set of capabilities that someone has or doesn’t have. Permissions apply to files and locations, so someone may be able to open a specific folder, see files, but not write to that folder or edit the files it contains.

Users are identities that Windows uses to control access. When you sign on with a username and password, Windows authenticates that information and thereafter identifies you as machinename\username if your network uses workgroups or domainname\username if your network uses domains. Your identity is then used any time you request permission to use a resource, such as open a file or run an application. If your identity has permission to use that resource, you are granted access and the requested file opens or the application runs.

Groups are the security groups to which a username belongs. Windows comes with some groups already configured: Administrators, Users, Guests, Backup Operators, and Power Users. Groups provide an easy way to grant a set of permissions to a set of users rather than having to grant permissions to many individual users.

Certificates and digital signatures are small identifiers that can be attached to a data file or executable that identify the ...

Get Programming Excel with VBA and .NET now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.