security?

Topic

New Reply

Hi guys,
this is going to be a very general question – but here goes…

Is it possible set up an access file so that it cannot be copied and taken home by somebody once it is in operation?
I’ve put in a lot of work into this DB and the boss gave me a talk about ensuring “our” work is not taken out the door.

Any idea, or previous experience?
thanks,
rob.

Reply | Quote

Replies

The simple answer is no. MS-Access does not provide that level of security. Anyone with access to the network directory can copy or delete the MS-Access database. A MS-Access database is essentially nothing more than a file just like an excel spreadsheet or a word document.

For impregnable security you’ll want to look into a database server like SQL Server. In fact if you read through the Access Security FAQ I think it says just that! http://support.microsoft.com/support/kb/ar…s/Q207/7/93.ASP

HTH

Dave

Reply | Quote

Using network permissions might help but that depends on the network OS you’re using. Your users need to have create permissions on the folder in which the database lives, but some of the other permissions can be removed. Just remember that the network permissions apply to the file, not to what’s inside the file. The create permission is required in order to create the ldb file when the database is opened, but you could play with the others to find the minimum usable permissions set. Permissions can be set down to the file level, so you can get pretty fancy with them and create other problems down the line.

If you want to protect the design of the database, a simpler approach is to create an mde, which has all the objects in it compiled so they can’t be edited or reverse engineered. Just be sure you keep a copy of the mdb elsewhere, because you can’t edit an mde. It does leave the tables intact, so if you’re trying to protect data rather than design, this won’t help.

As for SQL Server, if you back up a SQL Server database, it’s perfectly possible to copy that backup file and restore it on another SQL Server if you have network permissions to the backup folder.

Reply | Quote

I agree with the others – no. However, you could try making life inconvenient for copiers by checking a bunch of installation specific stuff and booting them out (without giving specific details) if it’s not correct. Naturally, you would need to create an mde to prevent snooping.

Currentdb.name gives the full path name to the database. You can use syscmd (see the builtin help) to get the path to the current workgroup and to where MSACCESS itself is, as well a few other tidbits of information. See
http://www.mvps.org/access/api/api0040.htm to get the current NT domain. etc. etc. Make sure everything is still the way it is on the production copy, and you might be able to secure it enough to keep your boss happy.

Reply | Quote

Thanks for your help everyone, I’ll give it all a go – (just make a couple of backups first though……….)

Reply | Quote