What is it that We Should be Concerned About?

Previous page
Table of content
Next page

What is it that We Should be Concerned About?

Microsoft Access has a number of flaws that have made parts of its security defenses easy to breach. Before proceeding with those discussions, here are some of the positive things that you can do to make sure that you can minimize the effect of those flaws:

  • You can use workgroup security to stop people from importing objects from your database into a blank database.

  • If you are using database encryption, make sure that you are using it in tandem with workgroup security, or you will find that the encryption is virtually useless.

  • You can use database encryption in tandem with email attachment size limits to stop users from emailing large databases.

  • You can open a password-protected database by using automation in Access 2002 or later.

Now I will summarize how these technologies and the security issues that surround them are relevant to the IT manager, the DBA, and the developer.

Overview for the IT Manager

If you are an IT manager and your developer has told you that he has secured your database, you naturally would want to believe him. Unfortunately, you should be concerned with some significant issues, including the following:

  • If your database relies on database passwords or workgroup files where the developer and the users share the same workgroup file, then password retrieval software negates the effectiveness of that security.

  • If the security of your database relies on the users being sheltered from the objects and data by a specially designed user interface, then you must protect the database from the Access Import menu command.

Conversely, IT managers can rest a little bit easier because the flip side of the password retrieval software is that it will allow you to recover database, workgroup, and VBA Project passwords if the people that add that sort of protection go walkabout.

Overview for the DBA and the Developer

DBAs and developers need to be concerned with all the issues relevant to the IT manager, as listed previously. You also need to check whether your database is encrypted without cause, which will affect both the performance of your database and the compaction of the database into archives. You may also want to have your users log on to a password-protected database through automation so as not to disclose the database password or the location of the database.

Developers should be aware that the VBA Project password is also susceptible to password retrieval software, but in my opinion, this protection is worth persevering with if you are delivering your software in MDB format and you need protection rather than the security offered by the MDE format (discussed in Chapter 11).



Previous page
Table of content
Next page
Real World Microsoft Access Database Protection and Security
Real World Microsoft Access Database Protection and Security
ISBN: 1590591267
EAN: 2147483647
Year: 2003
Pages: 176
Authors: Garry Robinson
BUY ON AMAZON
Project Management JumpStart
Java for RPG Programmers, 2nd Edition
Postfix: The Definitive Guide
Mastering Delphi 7
InDesign Type: Professional Typography with Adobe InDesign CS2
What is Lean Six Sigma
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy