Configuring Microsoft Office macro settings is all about controlling what types of automated scripts can run in your Office documents. Now, you might be thinking, "Macros? Aren't those just those handy little shortcuts in Excel?"

Well, yes, but they're also a favourite playground for cybercriminals. Here's why:

  1. Trojan Horse Tactic: Macros can be the digital equivalent of a Trojan horse. A seemingly innocent document could be hiding malicious code that activates when you open it.
  2. Automatic Execution: If not properly configured, macros can run automatically when a document is opened, giving attackers an easy way in.
  3. Privilege Escalation: Some macro malware can even try to gain higher privileges on your system, potentially compromising your entire network.
  4. Stealth Mode: Macro-based attacks can be harder to detect than traditional malware, making them a sneaky threat to your business.

But don't worry, with the right settings and tools, you can nip this one in the bud.


 Implementation Plan: 

  1. Choose Your Software: Select a tool that fits your business size and IT infrastructure.
  2. Roll Out the Red Carpet: Implement your chosen tool across your entire business. This might take a bit of time, but it's worth it. Make sure every device with Office installed is covered.
  3. Future-Proof It: Set up your tools to automatically apply macro settings to any new device or user added to your network. This way, you won't have to remember to configure settings manually every time.
  4. Keep an Eye on Things: Set up regular reports to show if any devices are deviating from your macro security policy. It's like an automatic health check-up for your Office suite.
  5. Provide Clear Guidelines: This one might not be relevant to train your team on broadly, but you should create an easily accessible policy document for macro usage for those users who do need it. This should outline:
  • The default stance on macros (likely disabled for most users)
  • The process for requesting macro permissions if needed for work
  • Who to contact if they encounter issues or need support
  • Any approved sources for macros (if applicable)

Essential 8 Maturity Levels:  
In the Essential 8 framework, you can achieve different levels of security maturity for macro settings. Here's how it breaks down:

To hit Level 1, you need to:

  • Disable Office macros for users who don't need them
  • Block macros in files from the internet
  • Enable antivirus scanning of macros

But here's the kicker: with just a little more effort, you can reach Level 2:

  • Block Office applications from creating child processes (sounds techy but can be completely automated so nobody has to think about it)
  • Block Win32 API calls in Office macros (also techy but can be automated)

And if you're feeling ambitious, Level 3 is within reach:

  • Only allow macros from Trusted Locations or with trusted digital signatures
  • Validate your list of trusted publishers annually (and you can setup automated reminders for this too)

The jump from Level 1 to 2 or even 3 often doesn't require much more work, especially if you're using a comprehensive software tool for this. These tools can often handle the requirements for higher levels right out of the box.

So why not aim high? You might find yourself with top-tier macro security before you know it and you can bore your mates with this fact at your next weekend BBQ. Even if for some reason they seem uninterested, at least deep down you'll know you've got it sorted.

Want to Know More?

  1. Patch Applications: Keep your software up-to-date to fix those pesky security holes.
  2. Patch Operating Systems: Same deal, but for your computers' core operating system.
  3. Configure Microsoft Office Macro Settings: Stop nasty code hiding in seemingly innocent documents.
  4. User Application Hardening: Lock down your everyday software to make it harder for the bad guys.
  5. Restrict Administrative Privileges: Not everyone needs the keys to the kingdom.
  6. Multi-factor Authentication: Add an extra layer of security beyond just passwords.
  7. Regular Backups: Because sometimes, you need a plan B (or C, or D).
  8. Application Control: Only run the software you trust.