Scrub documents of hidden sensitive data

Microsoft Office documents -- including Excel spreadsheets, PowerPoint slides and Word documents -- often contain hidden content that may contain sensitive Duke data. This could include:

  • Tracked changes or comments (inserted or deleted text) 
  • Data embedded in charts and tables
  • Speaker notes
  • Hidden cells or text
  • Other file properties and summary information
  • The names of previous document authors
  • Document versions and revisions
  • Macros

Working with charts and tables

Tables or charts that contain sensitive data should be pasted in a manner that does not embed or link the Excel workbook with the sensitive data. For charts, this means pasting the chart as a picture which will transfer none of the underlying data. For tables, make sure to paste as text and ensure there is no link between the source file and your destination file.

Use the "Paste special" command with the following key combinations:

  • Windows: Ctrl+Alt+V        
  • MacOS: Command+Control+V

Before posting or sending any document that could be seen by a public audience, run the Inspect Document tool available in PowerPoint, Word and Excel.

Managing Metadata

These documents educate and guide users in the safe management of metadata in Office 365 and Adobe Acrobat files. They can be printed or saved as Box Favorites for quick reference.

Key actions

  • Save files in a "flat" format to limit metadata. Word and PowerPoint files can be converted document into .pdf, .rtf or .txt. Images should be saved in PNG file format instead of JPEG.
  • Use Microsoft Inspect Document to review and remove various categories of metadata in Microsoft Office documents. Make a copy of your document before you start the cleanup process.
  • Follow Adobe's PDF Properties and Metadata guidance for handling metadata in PDFs.
  • To create a redacted copy, save the document as PDF first, then use the PDF Redaction tool. Overlaying documents with black-colored boxes is not redaction!