Calgarypuck Forums - The Unofficial Calgary Flames Fan Community - View Single Post

TorqueDog · 05-26-2022, 03:33 PM

Quote:

Originally Posted by DoubleF

So it's not really a back door or stealing of sensitive information per se, but if you use "their tool" to create something, they can technically attempt to claim that creation in corporate property or something strange like that?

So it's less computer vulnerability even with the ability to push updates and a little more of an odd legal ownership vulnerability of things created using the software they own? Huh... interesting. Thanks for the explanation.

This doesn't completely help me understand how to completely explain that those $5 license codes of M365 on eBay aren't a good idea on personal and non-key work computers. I wish I knew what key words to look into to research this further.

Not quite; it's just that sensitivity labels are applied by default. This is because the assumption is you are using corporate tools for corporate stuff, and most people forget to apply a label at all if one isn't already set by default.

In order to use the company's license for Office 365, you have to use your corporate credentials to activate it. With those credentials, it will also connect to the corporate SharePoint and OneDrive for Business to ensure your documents are available -- again, it assumes you're using corporate tools for work -- which means the ability to open corporate documents on that endpoint, thus the requirement for ensuring the system is secure and can work with IRM sensitivity labels, which I think is a justifiable one on the company's end. I just don't think -- as an end user -- I would be willing to submit to any level of control over my personal PC to my company just so I can use a word processor.

As the user you can only allow it to control just the app in most instances (a 'zero trust'-type configuration will not allow it), but it will still enable IRM sensitivity labels and you'll want to make sure you flag your documents as 'Non-business' or whatever the 'not encrypted, no rights revocation' option is; the default is 'General' which applies a basic IRM policy.

Those $5 codes aren't a good idea because they're usually stolen VLK / MAK keys and your copy can go -poof- if the contract to which the license key is associated gets revoked. If they're NOS Office perpetual licenses, that's different, then you're just getting an old copy of standalone Office suite that someone couldn't sell.