Security Settings
158 Group Policy settings under Security Settings. Browse the sub-folders and settings below.
Sub-folders
- Digital Signatures (20)
- Escrow Certificates (20)
- Trust Center (68)
Settings
- ActiveX Control Initialization
- Allow Basic Authentication prompts from network proxies
- Allow file extensions for OLE embedding
- Allow root or intermediate certificates as VBA trusted publishers
- Allow specified hosts to show Basic Authentication prompts to Office apps
- Allow VBA to load typelib references by path from untrusted intranet locations
- Automation Security
- Block additional file extensions for OLE embedding
- Block all internet macros (ignore trusted locations or publishers)
- Block Insecure Protocols
- Block loading of COM/VSTO add-ins registered in HKCU
- Block OLE Graph
- Block OrgChart
- Check ActiveX objects
- Check Excel RTD servers
- Check OLE objects
- Check OWC data source providers
- Control how Office handles form-based sign-in prompts
- Disable 3D Model File Formats List
- Disable additional security checks on VBA library references that may refer to unsafe locations on the local machine
- Disable All ActiveX
- Disable all Trust Bar notifications for security issues
- Disable password to open UI
- Disable VBA for Office applications
- Disable VSTO 2003 and 2005 document-level customizations
- Enable macro trust levels
- Enable Minimizing VBA Project Digital Signature Invalidation
- Encrypt document properties
- Encryption mode for Information Rights Management (IRM)
- Encryption type for password protected Office 97-2003 files
- Encryption type for password protected Office Open XML files
- Force Runtime AV Scan
- List of allowed COM/VSTO add-ins registered in HKCU
- Load Controls in Forms3
- Macro Runtime Scan Scope
- Prevent Word and Excel from loading managed code extensions
- Protect document metadata for password protected files
- Protect document metadata for rights managed Office Open XML Files
- Require trusted publisher signatures for macros that are always loaded
- Restrict Apps from FPRPC Fallback
- Set minimum password length
- Set password hash format as ISO-compliant
- Set password rules domain timeout
- Set password rules level
- Suppress hyperlink warnings
- Turn off error reporting for files that fail file validation
- Turn off PDF encryption setting UI
- Turn off Trusted Documents for VBA macros
- Use the Azure Information Protection add-in for sensitivity labeling
- Use the Sensitivity feature in Office to apply and view sensitivity labels