a Cyber Security Tool
Mobile code (aka "macros" -- though now vastly more complex than the originals that they have replaced) is often used to automate and customize documents. Unfortunately, it is often used to attack systems and spread malware.
The product is named LockDown. Once locked down (through the use of digital cryptographic signatures), a Word or Excel file is safe from tampering. Modifying the mobile code removes the "LockDown" attribute AT THE POINT OF MODIFICATION. The mobile code will not execute until it has been locked down again.
LockDown does not affect the ability to modify information in the file. The spreadsheet data or the document text can be freely revised. Only the mobile code is locked down.
LockDown supports forensic investigations. Whenever a file is locked down, an extensive forensic signature of the transaction is recorded, including copies of the original file before and after being locked down. The key features are traceability and non-repudiation.
LockDown is modular and may be extended beyond Microsoft Excel and Word, either to other MS Office components or to other applications.
LockDown can be implemented in the enterprise as:
a web application;
a Windows desktop application with one or more authorized operators;
a combination of the two.
The business models for these approaches are identical and emphasize efficiency, scalablility, service, and support.
As currently implemented, LockDown uses digital certificates. Additional methodologies are currently being investigated. The primary goal is to limit the collateral damage that occurs when the enterprise is attacked. Secondary goals include increased effectiveness and reduced costs.
Other areas of interest include malicious code detection, additional platform support, reduced dependency on vendor applications, additional forensic capabilities and increased automated operation.