Risks of Metadata in Word Documents

The risks associated with metadata in Word files are often overlooked. There are many different types of metadata, including metadata about websites, metadata about video files, and metadata about electronic documents. Metadata in Word describes document attributes such as the title, author, content, location, and date of creation. Knowing this information can be helpful when cataloging electronic information. But metadata can also share confidential and potentially embarrassing information with an unintended audience.

Every time an electronic document is created, metadata is automatically added to it. And some of this metadata in the Word document may be confidential. There may be previous versions, or information that may have been rejected or accepted, and may also expose corporations to hidden risks when it is emailed to people outside the company.

It’s often possible to view a history of every change ever made to a Microsoft Word document during its lifetime. Metadata in Word can include edits made by others, comments placed in it by you or your co-workers, as well as over 20 other types of hidden information.

Learn how Workshare Protect can provide Policy-enforced Document Security
for Microsoft Office.

Learn more about the dangers of Metadata in Word documents.

It’s Not Just Metadata in Word Documents
A quick review of the Fortune 1000 Web sites shows that 33% of these Web sites contain Microsoft Excel documents publicly posted either directly on the company's corporate Web site or linked to a third party site for SEC filings. Metadata can be saved with Microsoft Excel files. Accidental posting of Microsoft Excel documents that contain potentially harmful document metadata can be easily viewed by anyone who downloads these documents.

Metadata in Word documents is further compounded when documents are attached from within Microsoft Outlook and sent to outside parties. Used as the de facto way to electronically exchange documents in an enterprise environment, Microsoft Outlook does not offer warnings about metadata in attached documents or zipped files. Thus, the potential to accidentally send Microsoft Word documents containing harmful metadata (and thus expose a corporation to the inadvertent disclosure of sensitive information) is amplified tremendously with every document that is sent back and forth in a collaboration.

How to Remove Metadata in Word Documents
The problem is not that metadata is added to a document, but rather, it is often more difficult to remove the metadata once it has been added. And because this type of information travels with the document every time it is emailed to others, sensitive or confidential information may be transmitted unknowingly.

Because metadata is often invisible, document users can unwittingly send confidential information to people outside their organization. In fact, there have been several widely publicized, high profile cases in which document metadata proved to be the culprit.

Metadata in Word documents can put your organization at financial risk, a competitive disadvantage, or in an embarrassing situation with costly consequences. Workshare
solutions can protect your company.