Hancom Office Policy Settings
[Policy] > [Basic Decontamination Policy] > [Hancom Office] Settings
This is a security settings tab specialized for Hancom Office (HWP, etc.) documents.
You can block document-based threats by removing scripts, objects, hyperlinks, etc., and the policy also includes responses to compatibility issues or non-standard format problems that may arise due to the characteristics of Hancom documents.
⚠️ The permission to set the basic de-identification policy is granted to [Administrator Type - System Administrator], and
Administrator permission settings can be configured in [Administrator Settings] > [Account and Permission Management].
Detailed Description of Settings Items
| Policy Name | Description |
|---|---|
| Settings for Removing Objects in Hancom Office Documents | Set whether to remove OLE objects (spreadsheets, charts, videos, etc.) inserted in Hancom Office documents. OLE objects are external linked entities within a document that can execute external programs when the document is viewed, posing a risk of malware execution. |
| Setting to Remove Hyperlinks in Hancom Office Documents | Set whether to remove hyperlinks included in Hancom Office documents. Hyperlinks can lead to malicious sites or pose security threats through external connections. |
| Hancom Office Document Script Removal Settings | Set whether to remove scripts included in Hancom Office documents. A script is code that automatically runs when a document is opened and is a major pathway for the execution of malicious code. |
| Hancom Office Distribution Document Blocking Settings | Set the blocking status of the Korean document saved for distribution. The deployment document is in a restricted format, which may have security vulnerabilities and the possibility of malicious code being inserted. |
| Blocking the Creation of Non-Standard MS Office Files in Hancom Office | Set the blocking status for Microsoft Office format documents created in Hancom Office. Hancom Office has structural differences due to its independent implementation of some MS formats, making it difficult to ensure consistency during sanitization processing. |
Input Rules and Precautions
- Specify the object to maintainis 'Hancom Office Document Object Removal Settings'
ONIt operates only in a state, and the object name must use an accurate name recognizable by the system. - Scripts in Hancom Office documents are generally considered a security threat even if they do not run automatically, so it is recommended to remove them.
- Non-standard MS Office files created in Hancom Office may have the appearance of MS format but may actually have a structure that is not compatible, so a blocking policy may be necessary.
Notes
| Terminology | Definition | Security Threats and Policy Considerations | example |
|---|---|---|---|
| OLE Object (Object Linking and Embedding) | External content included in the document (images, documents, executable files, etc.) | If an object in the form of an executable file is included, there is a possibility of malicious code execution when viewing the document. | Inserted in the HWP document.exeExecutable files, external document links |
| hyperlink | within the documentwebsite, network path, fileLink connected to | There is a risk of information leakage due to malicious URL connections or phishing site inducement. | A link like "Click here for more details" |
| script | Inserted to automate document actionsCustom Code | Abnormal command execution or system access is possible, so removal for security reasons is necessary. | Calculation code that runs automatically when the document is opened |
| Deployment Document | Generated for printing in Hancom OfficeEditing Restriction Document | There may be errors during de-identification due to encryption protection, output restrictions, etc., and security settings may be changed internally. | Contract document saved as 'for distribution' |
| Non-standard MS Office files | Saved in Hancom Office.doc, .xlsetc.Incompatible MS Office format documents | not compatible with actual MS Office or structurally unstableDecontamination errors or threat concealment possibilitiesexistence | Saved in HWP.docDocument, a file that only looks like an MS document. |
- This setting is
.hwp,.hwt,.hwpxIt is limited to Hancom Office documents. - All related policy changes can be managed and restored in the [Policy Change History] menu.