An Office Shield for all your
RingCentral & UnifyOffice Content
and for all your Private Information
The Office Content Shield (Office Shield) is a Chrome browser text encryption add-on for RingCentral and UnifyOffice that allows the user to add additional encryption to conversation messages (you must have a RingCentral or UnifyOffice account for this add-on to work). All encryption is carried out locally and you are truly the owner of your own content. The Office Shield enables you to protect selected content safely with or without a key. Creating a Shield with a key means that RingCentral or UnifyOffice admins will not be able to decrypt the string.
NOTE: your content may be encrypted in the back-end, but with a bit of work and inside knowledge it may be technically possible for your own admins to see the contents of any conversation. Any Office Shield text generated without a key could, technically speaking, be decrypted if your Office admin spent enough time reverse-engineering your string (this is highly improbable but still possible). If you use a key, your Office admin will not be able to open your Shield without you handing over the key.
Office Shield is a reinforced software vault that uses the Advanced Encryption Standard (AES-256) to encrypt your content. This means that even without a key and without admin privileges, any attempt to open your Shield is near impossible. The Office Shield is independent of RingCentral and UnifyOffice and of your organisational Office admins, which puts control back into your hands (the user). The trade-off is that your local admin will not support you if you cannot open your Shield. Technically, the Office Shield protects your content from Cross Site Scripting attacks in your browser (Client XSS protection).
This technology successfully passed the new Chrome store program policies via an Internal Google review on 14th September 2019. This extension is clean with no misleading information and no malicious code in the background and no additional permissions have been added to the extension outside the scope of its intended use (collecting personal data, access to camera or microphone, location, etc).
Your data belongs to you and you only. This extension is designed for privacy, is fully GDPR compliant, and is in fact aimed at strengthening the GDPR for your Office content. This extension does not have any ads and will never support ads. There are no 3rd party services in any part of the code and no data is transmitted from your browser during any part of the extension's functionality.
The Office Shield uses your personal information (from RingCentral or UnifyOffice) and embeds the information into your Shield. At no time will this information leave the confines of your local browser session (your personal information will never be transmitted or used outside the confines of the Chrome extension).
Google analytics are used to track the number of installations and removals (including installation location needed to assess the success of the extension and to see if other languages are needed). This information is collected and stored in the Google Chrome Developer Dashboard only and no other information is collected apart from what is mentioned above. This information is not used for marketing purposes and is not passed onto any 3rd parties.
The Office Shield requires the following permissions for the extension to work fully:
contextMenus - needed to put menus on the right click
storage - needed to store your settings in your Google account or locally if you do not have a Google account (no encryption data is transmitted, only the data needed to store your settings across different computers)
background - needed to run all the functions inside a service-worker which make the Office Privacy Shield possible
For some strange reason Chrome is stating the following:
Permissions (Read your browsing history)
This isn't correct as "history" has not been added to the list of permissions above. I have raised a ticket with Google to investigate this error further. I have noticed that the wording has changed since mid September. Maybe, Google is trying to simplify the message to the end-user by saying that 'if the extension can access the storage then it is possible that the extension can read saved data from past sites visited'. My promise to you is that this is not happening. Only your account ID is being read from your browser's storage if the active tab is either https://app.RingCentral.com or https://app.UnifyOffice.com. If you change tabs, and RingCentral or UnifyOffice are still active in the previous tabs, then the Office Shield will deactivate itself until you return to the tab containing your Office. Try it out: open a new tab > navigate to a new site that is not RingCentral or UnifyOffice > click the icon in the top right corner > click 'Setting' - nothing will happen. Now navigate to your account instance (i.e. https://app.UnifyOffice.com) and do the same. Now you will be able to open the Office Shield settings (designed for Privacy).
The Office Shield comes with a function called 'Tidy Shield'. Tidy Shields clean up your conversations and format the text, making your Office experience more enjoyable. Observers are needed to scan through all your messages for potential Shields (no other information is touched by the observer code). No information touched or untouched by an observer is transmitted or processed outside the confines of the Chrome extension installed on your local browser.
Even though no information is transmitted out of your browser, some users may not like the idea of having Mutation Observers running in the background looking for changes to conversational text. By default, when you first install the Chrome extension, Smart Shield is turned off. You can turn Smart Shield on/off anytime in the UOffice Shield settings.
Technical answer: The Office Shield protects the document's textContent by adding additional legalities which are needed by law to successfully prosecute any unauthorised access to personal or protected data. The Office Shield also adds an additional security layer to your data when at rest on RingCentral and UnifyOffice servers and keeps your data safe when exposed to the browser's DOM tree. The Office Shield ensures that no 3rd party infringements or attacks can read, or make any sense of, any Office Shield data from your conversations. All data is encrypted using AES-256 in CBC mode (cipher block chaining). Attackers may copy the content but they will not be able to open the data.
Non-technical answer: A Chrome extension that creates output that is fully owned and controlled by you. It applies strong encryption techniques to selected text in UnifyOffice and adds the additional legal terms needed to proceed with successful prosecutions, so as to prevent any unwanted 3rd party from reading or stealing personal or protected data. It ensures that your data is not readable if anyone manages to take information out of the central UnifyOffice environment, and it protects against unwanted applications taking information from your browser without you knowing, whilst adhering to open encryption standards and local and international legislation.
Using RingCentral or UnifyOffice without the Office Shield browser extension:
All messages are encrypted by RingCentral and UnifyOffice and kept safe inside their databases
All messages transmitted to and from your browser are encrypted
RingCentral and UnifyOffice are GDPR compliant (as a cloud service provider)
After RingCentral or UnifyOffice transmit data to your browser all messages can be read in clear text in the back of the browser exposing sensitive information to any unwanted code running on your computer
RingCentral and UnifyOffice admins can export all data stored in the database in clear text
All content is accessible on your mobile phones (if lost and phone is unlocked)
Your content can be copied and pasted into another conversation
You cannot track content that you have marked as 'Confidential! Do Not Copy!'
Using RingCentral or UnifyOffice with the Office Shield browser extension:
All messages are encrypted by RingCentral and UnifyOffice and kept safe inside their database and you can add a further security layer to ensure that only people involved in a conversation can read the content
All messages transmitted to and from your browser are encrypted (no change)
RingCentral and UnifyOffice are GDPR compliant (as a cloud service provider) and the Office Shield adds an additional GDPR layer allowing you, as the user, to employ pseudonymous techniques (mask someone's identity) to protect personal data inside your own conversations
Office Shield content is shielded in the RingCentral or UnifyOffice database. The transmitted data is encapsulated in a shield and only made readable to the user after the user lifts the shield. All messages and information shielded by the Office Shield are encrypted and protected in the browser's backend (DOM tree).
RingCentral and UnifyOffice admins can export shielded data stored in the database but they cannot read the content. Office Shields stay encrypted and locked
No content is readable on your mobile phones even if lost and phone is unlocked. Content cannot be decrypted on a mobile phone
Your content cannot be copied and pasted into another conversation. Office Shields are strictly bound to the conversation and the encryption owner is the only one who can edit the clear text message
The content that you create can be protected against unauthorised access. You can customise legal prompts and watermarks for group members to see before and after decryption. If users copy the Office Shield in its opened state they will also copy the 'Confidential! Do Not Copy!' statements as well.
At present no. Mobile users cannot view encrypted content and, as it stands today, the Office Shield is a Chrome browser extension only. It is intended that by not adding mobile apps the security of your encrypted strings is enhanced. If you misplace your mobile and somebody manages to open up your phone and log into RingCentral or UnifyOffice then your encrypted strings are protected. The official RingCentral and UnifyOffice Apps are also signed by Atos Unify, meaning that no additional code can be added without RingCentral or Atos Unify signing the changes first. A new 3rd party Office Shield App, which connects to our Office instance, would be required in order for strings to be decrypted. This is not currently in the development line but may be developed if enough interest is shown.
To install the Office Shield during the beta phase you will need to contact the person who encrypted the string and ask them for the Google Chrome App Store link. Add the extension to Chrome and you will be able to generate and decrypt strings. The plugin will be available on the Google Chrome App store when fully released. By default all settings for the Office Shields are turned off. Use the 'Settings' option in the menu to build your personal shielded environment.
When you first add the Office Shield you will need to activate your preferred encryption menus. By default no menus are selected.
When installed, left click on the Office Shield icon in the top right corner of the browser (or right click anywhere in your Office account). Select 'Settings' and tick the menus that you most prefer.
To see the options above, edit an Office Conversation. Mark the text that you want to encrypt using the mouse (left click and drag). Right click on the selected text and choose the desired encryption option. To edit the Office Shield (only Shield owners can do this) open the conversation in edit mode as you would normally do when editing a standard conversation. Once the Shield is in edit mode the contents will be displayed in encrypted form. Select any part of the text and select 'Unshield Content'.
Any part of the text in your Office Conversations can be Shielded:
Any sentence that you create in the text box can be protected by clicking one of the shield buttons. Hit send and the Shield is stored in the database
You can also shield any previous text by editing the content and clicking one of the shield buttons. Hit save (the arrow) and the data is replaced with the shielded text
Original Text = 'I would like to encrypt the name John Smith as well as his telephone number +44 1234 555999 as this is personal information that should be protected. I will encrypt the text with no watermarks and no legal notices'
When the Shield has been encrypted the paragraph will resemble the text below (note: I selected the first menu which creates a "<shield1>" string). This Shield can only be decrypted inside the same conversation that it was created in. No key is needed and the encryption is strictly bound to the message context:
As seen in the Conversation Edit Box
Encrypted Text=<shield1>33493-aa76b-1658f-8beda-b7cd5-01bb9-0b4ce-da744-8334c-f3fe2-34fa5-bcae3-c757Q-kdB2I-CsCDL-YgvVM-oVTQs-M1XPh-MM+rC-e3IxZ-a1q/3-Ys+KC-zwoy2-HP33u-U2uKA-Uydv3-bpuAx-xrTNN-mdlJl-7toxX-1JNv4-6QHi1-KU5RA-8Cg0g-KkzId-Oxd3r-Hu00h-nLIDm-LTxmE-Ah7cq-NBPFm-smwMt-iw3yt-e4R6x-OiRrz-tfDBe-FF4uA-Y1n0+-ALa23-1eJPj-Ll2gj-26QOt-5GOIj-ihPGv-8amKM-P42yc-ZNun1-BRPf4-B9ypz-m2jAa-rDVdU-ZdbVX-ZLUAz-dErt6-nLRZ9-dAy/+-B0NAb-IMyQW-Hhnpu-nOsWJ-Fw+p7-F72us-uOJ0y-3nWci-sI4oI-+ro6X-SczBL-X3O2p-ROHgv-JynQ8-eLzM1-QPSIq-FB9vI-xwB4S-uKJ8p-30=</shield1>
Only Shield owners can edit the contents of the Shield. All other members of the conversation will be presented with a protected read only version of the Shield. Here you can be assured that at no time will clear text be shown in the background of the browser. Below is an example with 'Clean Shield' enabled before and after the Shield is opened:
All Watermarks, Legal Notices, and Legal Prompts are encrypted into the Office Shield. This means that you can change your Watermark without affecting the previous watermarks in older shields. Also, manually changing the Legal Notice in the shield will render the encryption void (i.e. removing AUTHORISED DECRYPTION ONLY@legal from the string below). The shield can only be lifted in the conversation where it was created and with the legal statement included. Only the shield owner can remove the watermarks and notices (by lifting the shield in edit mode, changing the settings, adding the shield again, and saving the changes).
Below is similar text with watermarks and legal notices (previous Shield was opened, edited, and saved). Note that when you open a Shield and create another Shield the encrypted string will be completely different, even if the contents are exactly the same as the previous Shield. No two Shields are the same:
You can see your Watermarks in the settings of the extension with a live example of how they will look (see the first diagram above).
Original Text = 'I would like to encrypt the name John Smith as well as his telephone number +44 1234 555999 as this is personal information that should be protected. I will encrypt the text with watermarks and legal notices'
Only encryption owners can see the clear text variants of the encrypted text. All other members of the conversation will be presented with a read only representation of the decrypted text. Here you can be assured that at no time will clear text be shown in the background of the browser. To acknowledge that they are authorised to view the result of the decryption the user will be prompted to enter an Acknowledgement PIN. If the PIN matches, the results will be shown.
Without the Office Shield installed (or with Office Shield installed but with 'Tidy Shields' turned off) the conversation group will see the following (NOTE: this is how RingCentral and UnifyOffice admins see the text when exported in clear text):
<shield1>AUTHORISED DECRYPTION ONLY@legal-1b69c-80d1b-924b3-a805c-ab010-f65c3-29c0e-17c9f-4cbad-b0638-f9836-9b230-a38cW-WJYfa-cGDO2-hYlW+-J6GBe-Uhnck-T0anm-W35TN-RQZ5z-ntF2x-PVKoT-t0XXJ-Yw9kB-oRNBm-p52F2-B1RB7-jM0ph-it+2J-0BP5q-6ieD6-r/V0u-TKRZh-B7cOy-y0qrD-E7++7-xgPUg-aeGlm-L6cDp-VE1Ui-rka4T-0V0mv-C6wO/-bqfZ4-MaSGx-TqXHQ-2zSmY-1n0xj-1tbZF-0bSQC-sGgHE-nCdeJ-O8HkC-6CuoG-zMWkt-Cy8vh-0shfA-A1647-P3W79-5JJz4-qi1JC-dde8m-KdHFq-9VCyd-cna8J-aV6zC-zQxNs-mISrq-W9SMV-5cJHq-IKwlx-3/jsr-hD1my-Bjsuh-pDRVC-sKRDl-n82LY-hd0sY-YgJHX-nwQnw-PC3sX-KN7K9-g37bR-0UUJN-paJrb-fE/Zd-cHPZE-9ctXg-PfxHj-PS2oK-N+YTN-G05rg-oggp7-Oz92h-ybtcl-IDfn+-JySzZ-MgU1A-TN0h4-kZHng-h2WTJ-67Sx4-ihwl+-ieshf-/jX01-DHFM9-by/mz-FYsO5-EmxEr-glh6k-=</shield1>
If the conversation group have Office Shield installed with 'Clean Shield' enabled they will see the following (before and after being opened):
You can fully customise your Watermarks and Legal Notices in the Settings menu.
As with a deposit bank, you do not have to hold a key to ensure that your contents are safe. The bank holds on to the key for you. Once you pass certain checks you can access your deposit box. As with a deposit box, you can also hold a 2nd key, ensuring that no one in the bank opens your deposit box. The Office Shield acts in the same way. RingCentral and UnifyOffice will have their company keys and with Office Shield you will have your own key. To open the Office Shield, both keys will have to be presented. NOTE that you will be required to share the key with the conversation members if they are to have access to the Office Shield. TIP: Play around and create Office Shields in your private conversation, where you are the only person in the conversation.
To add a key to your Shield, edit the conversation and select your text and choose the button with the key hole. Important! Do not forget your key. You will not be able to lift the Shield otherwise and no one will be able to recover the Shield contents for you.
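The properties described above (a Shield opens only in the conversation it was created in, editing the legal notice voids it, no two Shields are the same, and an optional key) can be obtained with AES-256-CBC plus an HMAC, as in this added sketch, which is not the extension's code and does not claim to match its internals. The function names, the `notice@legal.<base64>` wire format, the scrypt key derivation and the conversation IDs are assumptions made for the example.

```javascript
// Added illustration, not the extension's code. Names and wire format are assumptions.
const crypto = require('node:crypto');

// Derive separate encryption and MAC keys. The conversation ID is the salt, so a
// shield pasted into another conversation derives different keys. With no passphrase
// the only inputs are values the service already knows (the keyless caveat).
function deriveKeys(conversationId, passphrase = '') {
  const okm = crypto.scryptSync(passphrase, 'shield-demo:' + conversationId, 64);
  return { encKey: okm.subarray(0, 32), macKey: okm.subarray(32) };
}

// The MAC covers notice, conversation ID, IV and ciphertext (encrypt-then-MAC).
function tag(macKey, notice, conversationId, iv, ct) {
  const h = crypto.createHmac('sha256', macKey);
  for (const part of [notice, conversationId, iv, ct]) {
    const buf = Buffer.from(part);
    const len = Buffer.alloc(4);
    len.writeUInt32BE(buf.length);
    h.update(len).update(buf); // length-prefix each field so fields cannot blur together
  }
  return h.digest();
}

function shield(plaintext, conversationId, notice, passphrase) {
  const { encKey, macKey } = deriveKeys(conversationId, passphrase);
  const iv = crypto.randomBytes(16); // fresh IV: identical text never yields the same shield
  const c = crypto.createCipheriv('aes-256-cbc', encKey, iv);
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  const body = Buffer.concat([iv, tag(macKey, notice, conversationId, iv, ct), ct]);
  return `<shield1>${notice}@legal.${body.toString('base64')}</shield1>`;
}

function unshield(text, conversationId, passphrase) {
  const m = /^<shield1>([\s\S]*)@legal\.([A-Za-z0-9+/=]+)<\/shield1>$/.exec(text);
  if (!m) throw new Error('not a shield');
  const notice = m[1];
  const body = Buffer.from(m[2], 'base64');
  if (body.length < 64) throw new Error('truncated shield');
  const iv = body.subarray(0, 16), mac = body.subarray(16, 48), ct = body.subarray(48);
  const { encKey, macKey } = deriveKeys(conversationId, passphrase);
  // Verify before decrypting, in constant time; an edited notice fails here.
  if (!crypto.timingSafeEqual(mac, tag(macKey, notice, conversationId, iv, ct))) {
    throw new Error('shield rejected: wrong conversation, wrong key, or edited notice');
  }
  const d = crypto.createDecipheriv('aes-256-cbc', encKey, iv);
  return Buffer.concat([d.update(ct), d.final()]).toString('utf8');
}
```

In this sketch a keyless shield is only as secret as the conversation ID, which is why the passphrase is what keeps an administrator with database access out.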
Prompts are a good way to pass on information to anyone in the conversation, instructing them how best to handle the information. You can also be assured that they have read your message, as the person lifting the shield must enter a PIN first.
Below are examples of some prompts that may be of use to your content:
If the Office Shield helps you protect your RingCentral or UnifyOffice content please give a thumbs up. Your support will be greatly appreciated.