Microsoft is concerned about your privacy and the security of your information. The following suggestions include examples of some of the things you can do to help make your use of Microsoft Office Groove 2007 (“Groove”) products and services more private and secure.

• When using the Groove software, we recommend that you protect your account with a strong password that you keep secret and change regularly. Several people can use the Groove software on the same computer, but each user is responsible for protecting his or her Groove account with a password. If you choose to save your account as a file your password is the only protection from another user utilizing this file to gain access to your account.
• When saving a Groove workspace as an archive or template we recommend that you protect the archive or template with a strong password. Similarly, when saving a forms template, we recommend protecting it with a strong password.
• If you use the Groove software on a computer or other device which others also use, or on a mobile computer (which could be lost or stolen), do not use the “remember my password on this computer” feature.
• To create a strong password, use a mixture of at least ten characters, numbers, and punctuation marks. Do not use common names, single words, or any personal attributes such as a birthday. Consider taking a favorite book and using the first word on any page plus the page number and a punctuation mark. When you’re ready to change your password, go to a different page and repeat the process. Don't share your passwords with others.
• The operating environments of personal computers and personal computing devices—in which the software of various manufacturers operate side by side—are, by nature, “unprotected” and “unsecured.” Any third-party software that runs in a PC environment can access workspace data in a variety of ways (for example, capturing keystrokes, reading the contents of temporary files, calling Groove Web Services APIs). Although we cannot increase the security of the base computer operating environment in a complete or foolproof manner, we recommend you run anti-spyware (such as Windows Defender) and anti-virus programs with real-time scanning. Please familiarize yourself with the behaviors of the other software programs installed on your computer, including third-party software made for use with the Groove software.
• Be aware that any personal information you choose to provide when you create an identity in the Groove software will be visible to others whenever you use that identity. When you complete a contact for a Groove identity, enter only the information that you want others to be able to see. (You must enter a name and an e-mail address.)
• The public Groove directory, accessible through the Groove software, is available to everyone on the Internet. You should give the same amount of consideration to publishing information about yourself in the public Groove directory that you would give to listing the same information in a telephone directory. If you choose to list an identity in the Groove software’s local network directory, the personal information you associate with that identity will be accessible to everyone on your local network.
• Do not supply financial information, like a credit card number, or information that personally identifies you to people you do not know and trust. Workspaces you enter may include people you do not know. Be aware of your audience whenever you disclose personal or sensitive information.
• Groove helps you determine how much to trust other Groove users through their authentication status. Authentication is the process of verifying someone is who they claim to be. You can optionally organize your contacts by how they were authenticated or check their authentication status by the color of the name. The names of directly authenticated contacts are displayed in green, other contacts in your organization authenticated by your domain administrator are displayed in teal, contacts in other organizations trusted by your domain administrator are displayed in blue, and contacts that are not authenticated are displayed in black. Duplicated names that conflict are displayed in red. We recommend you use the Authenticate Contact feature to directly authenticate unauthenticated contacts.
• Tools within workspaces and Groove instant messages permit you to receive files from other people. Be aware that executable files may contain viruses, may behave unreliably, and may harm information on your computer. Don’t run executable files on your computer unless you are confident about the integrity of the files and have up-to-date, real-time anti-virus software enabled.
• Groove’s optional anti-virus filtering feature depends on third-party virus scanning products for scanning. If you choose to use it, we recommend ensuring automatic updates for virus definitions and the scanning engine are enabled.
• Be aware that Groove’s optional file filtering function depends on the file type accurately identifying the type of file. For example, users may bypass a prohibition on sharing .exe files by renaming them to an allowed type, such as .txt.
• When you use the Invite function to invite someone to be a member of a workspace and you send the invitation file using a non-Groove e-mail or instant messaging program or a disk, rather than through a Groove instant message, the contents of the invitation file will not be encrypted. If a party other than your intended recipient were to intercept the invitation file, that party could use the invitation to enter the workspace with which it is associated. To avoid that, be sure to check the Require acceptance confirmation option when creating the invitation. Also, use Groove or another secure communication medium to send the invitation file, or personally deliver a disk containing the invitation file to the intended recipient(s), if you are concerned about this risk.
• When you use the Groove software’s Launch, Open, Save, Save Files, or Save All functions to send workspace content to a third party external program for viewing or editing; or when you use the Groove Forms tool or other features of Groove that utilize Microsoft Windows Internet Explorer as an embedded content viewer, the content sent or viewed may be written to a temporary file on your computer. These temporary files can then be viewed - by you or others with access to your computer and any necessary passwords - using a program other than Groove. If the temporary files are located on a network file system, or if the third party external program utilizes networks or servers, the information may be exposed to third parties. Ensure that temporary files are deleted from your computer and network file systems if you wish to minimize this risk.
• When you use File Sharing workspaces, all files are stored in file system directories. These files are like any other files on your computer. You should use standard Windows security mechanisms, such as access control permissions and the Encrypted File System, to protect those files from third parties.
• We recommend system administrators not enable remote web services, unless the network connection is secured using a cryptographically strong method such as IPSec.
• If you have reason not to trust the operator of the wireless or local area network you use, we recommend disabling automatic network configuration. You can disable that feature in the Internet Properties control panel, by clearing the Automatically detect settings check box in the Local Area Network (LAN) Settings or the Dialup Connection Settings dialogs. If you enable automatic network configuration, Groove looks for a proxy configuration server on the local network and then runs a JavaScript program returned by the proxy configuration server. An unreliable JavaScript program could disrupt your computer by consuming excessive processor resources or performing unnecessary network operations. Disabling the checkbox on unsecured networks protects your computer against running JavaScript code from proxy configuration servers about which you know nothing.
• Please be aware that even though all workspace traffic is encrypted, parties that administer and monitor networks and servers, including ISPs, have the ability to gather and aggregate information related to the transmission and reception of network packets between sets of computers. By analyzing IP addresses and device GUIDs, which are carried unencrypted by necessity within network packets, administrators and network monitors can make statistical associations between people and their activities.