Title

Disable the Information Rights Management feature for InfoPath. (Cat II impact)

Discussion

By default, users can use Information Rights Management (IRM) in InfoPath 2007 to create forms that have restricted permission for specific people who will access the form. By using IRM, users can help prevent sensitive information from being printed, forwarded, or copied by unauthorized people.

Check Content

The policy value for User Configuration -> Administrative Templates -> Microsoft Office InfoPath 2007 -> Restricted Features “Information Rights Management” will be set to “Disabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\12.0\InfoPath\Designer\RestrictedFeatures Criteria: If the value IRMAllowed is REG_DWORD = 1, this is not a finding.

Fix Text

The policy value for User Configuration -> Administrative Templates -> Microsoft Office InfoPath 2007 -> Restricted Features “Information Rights Management” will be set to “Disabled”.

Additional Identifiers

Rule ID: SV-18793r1_rule

Vulnerability ID: V-17646

Group Title: DTOO174 - Information Rights Management

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.