As you might expect, there is never enough information when it comes to powerful products like Access. To assist you with further investigations, I have put together a Web page with links to Web sites and articles on the issues relating to the material in this chapter. The first three of these links discuss issues relating to the developer workgroup strategy.
A paper by Microsoft on securing your database without asking the
The highly referenced Access security FAQ paper.
Mary Chipman's article in Access/VB SQL Advisor, "Is Database Security an Oxymoron?"
The remainder of the reading is
A useful paper on many aspects of Access security by Frank Rice, this book's technical editor.
How to use ADO with Visual Basic or VBA code with databases that are protected by Access passwords and workgroups.
Find all the specifics about
A short but definitive article by Microsoft on how to secure a database, including permissions for newly created objects.
Workgroup security explained in detail by Microsoft.
How to upgrade DAO to ADO, containing a lot of detail about what library to use for what security aspect.
Programming user security with VBA code.
A Microsoft article on the "No permission to convert database" message, which contains insight into some upgrade protection ideas I detailed in this chapter.
Database security and replicated databases.
More details on the Admin account, the Admins group, and the Users group.
You can find the further reading Web page for this chapter in the Downloads section of the Apress Web site ( http://www.apress.com ) or at http://www.vb123.com/ map/adm.htm .
Apart from those online links, you can review the Access security in the Contents section of the Access help file. In Access 97, look for "Securing a Database," and in Access 2000 or later, look for "Administering and Securing an Access File," as shown in Figure 8-25.
Figure 8-25: Help in Access 2002.
Finally, to find out about the different types of permissions for the different types of objects, search on "permissions" in Access help.
The strategy for this chapter was to adopt a simple model for using Access workgroup security and then to explain how to implement it. The developer workgroup strategy that I settled on is significant in that it doesn't require passwords to use it, it is relatively easy to understand, and it achieves a number of significant security results, including the following:
Stopping users from viewing forms,
Stopping users from changing the design of queries and tables.
Stopping users from changing the startup options.
Removing the ability for users to upgrade and view databases in later versions of Access.
Stopping users from importing secured objects into another database.
Once you manage to work this model into your database, it is important to take a break and let the database
Implementing your own internal security system to stop users from viewing particular data.
Setting up a front-end database in separate location from a hard-to-find back-end database.
Using the operating system to restrict usage based on operating system
The other flaw is that the VBA code is quite vulnerable if you don't protect your startup options; verify that your
Finally, remember when working with workgroup file security that you must know which workgroup you joined and what user you logged on as before you do anything. The number of times that this author has made that mistake seems like a good enough reason to warn the readers.
Microsoft Access Small Business Solutions: State-of-the-Art Database Models for Sales, Marketing, Customer Management, and More Key Business Activities
Access Solutions: Tips, Tricks, and Secrets from Microsoft Access MVPs
Building Microsoftu00ae Access Applications (Bpg Other)
VBA Developer's Handbook, 2nd Edition