Security Concerns with Microsoft Project Professional

H

Harold Miles

Are there any security risk in Microsoft Project Professional? A client of
mine was concern because project pro. allows for shared pools. Everytime I
look for any information about Microsoft Project Security I keep getting
Microsoft Project Server. Any pointer to like the steps to secure Microsoft
Project Professional would be greatly appreciated.
 
?

.

Hi Harold,

"shared pools" of what?

The only difference between Project Pro and Project Standard is that Pro can
interoperate with Project Server. If your client is buying Pro and do not
use Project Server, all they're doing is wasting about $300 per copy in
licensing fees.

Ray
 
R

Rick Roszko

Yes. It is a major security risk.

(a) The security of a shared pool is only as good as your Windows security
based on directory security. The directory should only be accessible by
those who need to access it.

(b) Even if the directory security is solid, the shared resource pool data
is only as good as your worst Project Manager on the team. Meaning, for
example, if you have 10 PMs and 9 of them are super experts and the best of
the best of the best, and the 10th PM is a careless bum with no clue on how
to use a shared resource pool, then your data can be trashed across all
projects by that one idiot PM.

Therefore (in my opinion only, of course), I hate shared resource pools
because some other twit can hose my project data and I can do nothing to stop
it. That is why everyone says “go to MS Project Serverâ€. Now as you pointed
out, that is a no go argument, so this is what you need to do:

Do it the old-fashioned way. Have a Resource Manager ("Scheduler") who
schedules resources. They can use MS Project to dole out time, but the data
is not shared, so that there is no cross-project pollution. For example, the
resource manager will have a plan that has "Resources" as Summary Tasks and
each sub-task is the project that person is assigned to for that duration.

Well, hope that helps…
 
H

Harold Miles

Thank you for your comments. Do you know if the adm files for Project 2003
Professional and GPO can prevent a shared pool from being turned on? If the
user does want to use a shared pool what steps should I take to make sure it
is secure? I am thinking: 1. Local Firwall, NTFS Permissions, and does
Project have a tool to select the active directory account to trust? Just
want to make sure if Project is installed then it is secure from non-project
managers.

Thanks!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Project Professional 2016 - Headers and footers not showing up in print preview & printed document 2
Project 2007 configures everytime Outlook 2003 receives an email 3
Project Server vs Microsoft Office SharePoint Server 3
Project 2007 professional fails to install 3
How to Secure a Category Projects' for their Project Owners Only 1
Resource Pool & Corrupt File 4
Confused about offerings 6
Project 2010 https 9000(0x2328) error when saving plan. 0

Top