What do I Need to Know About Securing My Data?


Once again, I will provide alternative overviews about what's important to the developer, the DBA, and the IT manager. When you are working through the chapter, bear in mind that though the focus of the material is on data and tables, you can apply many lessons to the other objects in an Access database.

Overview for the DBA and Developer

The information outlined in this chapter principally deals with Access tables, and therefore the material applies equally to both the DBA and the developer. If you have followed the popular model of splitting the database, you will be dealing with the back-end database.

The processes outlined show you how to use shortcut files to open your database, how to add a user group account to your developer workgroup file, and how to use the security wizard to implement workgroup security. Most importantly, you need to understand the PID authentication model, and you should consider either the anonymous Windows authentication model or the dual workgroup model as a way of protecting your database from password-cracking software. In the process of using the anonymous Windows authentication model, you will also be removing the need for Access users to use additional passwords to open the database.

More for the Developer

If you want a secure database that only one or two people are going to use, read the section "Stopping Anyone Else from Opening the Database" later in this chapter.

If you are distributing your database outside your company network and want to protect the data or the software, you must understand the anonymous Windows authentication model and Read with Owner Permission (RWOP) queries, which will go some way to protecting your database from intrusion.

Overview for the IT Manager

Once your company starts adopting workgroup security for Access databases, you are going to need to ensure the following:

  • You have a copy of the workgroup file used to secure the database.

  • You have the Group account name and personal ID (PID) of the different Groups used in the permission schemes of the database.

  • If you are using user names with passwords, you need to inform the database users of your company's rules for protecting passwords.

  • If you are protecting more than one database with workgroup security, you need to think about sharing the development workgroup file and Group account names to ensure uniformity across the databases.

  • If you are unsure of the type of workgroup security used for protecting your databases, you should audit your databases.

For more on these issues, read the sections "Trusting Your Users by Adopting the Same Workgroup" and "Time for Reflection" later in this chapter. Another issue that you should consider is how the workgroup files are distributed to users; this issue is discussed in the section "Securing Data with PID Authentication." Finally, you should ponder the rather frank discussions in the section "Protecting Data Outside the Company Network" near the end of the chapter.

Some Thoughts before We Start

Whatever you do to secure your database, keep your security systems documented and hidden from the users.

Before spending too much time securing a whole database, do an upfront analysis of what you want to protect, and you may find that your concerns may not be for the entire database but for one or two fields in a table.

Terminology Used Throughout the Chapter

In this chapter, I found the need to refer often to a special group of users who are confusingly called the "Users group." Naturally, this term could easily be confused with the regular users, so I have taken the liberty of describing the Users group as the "ubiquitous Users group." Once again, I have called the Admin user the "anonymous Admin user," and I also refer to the term user-level security as "workgroup security" to reduce potential confusion.




Real World Microsoft Access Database Protection and Security
Real World Microsoft Access Database Protection and Security
ISBN: 1590591267
EAN: 2147483647
Year: 2003
Pages: 176

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net