When it comes to securing Office data, I think about three primary types of controls:

- Securing information found locally on the device’s hard drive

- Securing information accessed remotely from the device

- Securing the passing of data from remote sources to devices

Local device storage protection tends to revolve around methods of encryption and how to lock someone out of local storage until they can provide as many factors of authentication as required to prove they are who they say they are.