So What are the Best Access Security Strategies?

This chapter has thrown a few negative thoughts onto different parts of the Access security framework. To help clear your mind in readiness for the next chapter, here is a summary of the best security techniques that you can adopt. I have put together this list by considering the issues raised in this chapter plus other concerns that I uncovered that I deliberately did not reveal.

• Access security cannot be unraveled easily unless the users have access to the appropriate workgroup file. The exception to this rule is if the user sends the database to a company that specializes in these security-cracking activities. The likelihood of such a company getting access to your database is probably small, as most small-time villains like to work anonymously.

• Hiding the location of the database and workgroup files is very worthwhile.

• Operating system security should form an integral part of protecting both the database and the workgroup file.

• Use ADO with Visual Basic or VBA code on databases that are protected by Access passwords and workgroups.

• I did not see any indication that anyone can reconstruct VBA code from a compiled MDE database (discussed in Chapter 11). There are some concerns for forms and reports in this format, but they do not extend to the VBA code behind the form.

The rest of your security strategy involves working through all the different parts of Access and plugging the gaps. In this case, always concentrate on the important objects and data and then worry about the rest of the database.