Information
This policy setting controls whether trusted locations on the network can be used. Trusted locations specified in the Trust Center are used to define file locations that are assumed to be safe by the application opening the file.
The recommended state for this setting is: Disabled.
Rationale:
Content, code, and add-ins are allowed to load from trusted locations with a minimal amount of security, without prompting the users for permission. If a dangerous file is opened from a trusted location, it will not be subject to standard security measures and could harm the user's computers or data.
Impact:
Disabling this setting will cause disruption for users who add network locations to the Trusted Locations list. These custom locations added by users are ignored but not removed. Trusted locations added in Group Policy that specify a network location are also ignored.
Solution
To establish the recommended configuration via GP, set the following UI path to Disabled.
User Configuration\Administrative Templates\Microsoft Excel 2016\Excel Options\Security\Trust Center\Trusted Locations\Allow Trusted Locations on the network
Default Value:
Disabled. (Trusted locations are not allowed, however users can check the box to allow trusted locations, and then add custom locations.)