+ 0 Votes Re gechurch July 13, 2013 at 1:26am PST 2) Stick to the tried and true methods: - Password protect the file - Encrypt the file - Don't open super-sensitive files on PCs you can't control - Don't carry super-sensitive files on a USB stick 3) Password protection in Word is pretty good from memory. Some password mechanisms can be deciphered in a few seconds, but I'm pretty sure Word's is solid and needs a brute-force or dictionary attack to crack. How long that takes depends on the strength of the password you choose. In fact, I've just had a play and can see that documents with a password set in Word also get encrypted (so you can't, for example, open them in Notepad and scroll through the gibberish to find the actual text of the document - it will all appear as gibberish). Re the Recycle Bin, this only kicks in if you delete the file so won't be a factor when you're only reading the document. Forensics/data recovery is about reading your hard drive/USB stick in a special way looking for files that used to be stored on it, but aren't any longer. As a very quick overview, the way files are stored is similar to the way a book is laid out; the actual content is on a numbered page, and there's a table of contents keeping track of which 'page' your content is stored on. When you delete a file (even permanently, without using the Recycle Bin) all that happens is the table of contents is altered to remove the reference to your page/file. Your file is still physically sitting on the drive though, and is recoverable using special software. At some point in the future the disk will want to re-use the space your now-deleted file is using and will overwrite it with a new file. Once this happens to every 'page' of your file it is in practical terms lost forever. In short - since you're not saving the file this won't be a concern for you. (If you happened to delete the file from your USB stick though and then immediately give that USB stick to someone else they could recover it though). 4) I used to work in a computer repair shop. Sometimes I would open customer files - this was mostly to check that file associations were set correctly, or to test how long it takes to open to make sure the computer was running ok. Sometimes I saw thumbnail images of people's Internet History when I was clearing it out too. I definitely saw some stuff I'd rather not have seen (yes, porn mostly). I also happened across the odd document that I could tell was either personal or confidential from time to time. As a general rule, I'd say most computer repair people couldn't really give a toss what you've got on your PC. They see multiple PCs each day and likely don't have time to go snooping. I wouldn't rely on that though. If you have a super-sensitive file then you should encrypt it or password protect it. As for disgruntled employees, that would be more of a concern. There will likely be things you have that will be of interest to them - other employees salaries, performance reviews etc. Again - password protect or encrypt the file and you'll be fine. So I'd say all of the things you've identified are not threats. The thing you haven't identified is the biggest threat - opening your super-sensitive file on someone else's PC. That's an environment that you have no control over, so all bets are off. What's to say that PC isn't infected with a virus that copies every file off any USB stick plugged in and sends them off to a server somewhere (where they can be brute-forced attacked)? Or what's to say it doesn't have a virus that takes a screenshot of the monitor every ten seconds? Or what's to say there's not a hidden video camera on the bookshelf behind you watching you open the file? + 0 Votes First bit gechurch July 13, 2013 at 1:32am PST TR's spectacularly crappy forum software wouldn't let me post this response. This represents about my tenth try (with different browsers and different content) to actually post this. Note to TR's web developer: if there are characters you don't like, check for them and either strip them or warn the user. Choosing to discard the person's whole post without warning is not a good option. Anyway, here;s the first little bit of my post: 1) Yes, files are kept in memory (RAM). After you've closed the file it will remain in RAM until Windows decides it needs that RAM for something else. There's no simple way of knowing if your file is still in RAM or not (except by turning off the PC, which will clear the RAM). There's also no simple way of recovering your file from RAM. You should be more worried about the PC you're using being infected with a virus and stealing your file, or being knocked over the head and having your USB stick stolen.