where to begin with security (1 Viewer)

[BigMr.C]

Currently have several access databases (with SQL backend) in use in our company - certain people see all of them, certain people can only see some of them. This is just basically controlled by putting certain ones on their desktops and not others.

Looking to get a complete security lockdown on all of them - eg one main screen where a password is entered and that defines which other ones can be opened and which screens within the current one can be viewed.

What are the security/password options in Access?
Is it able for instance to base the level of security on our network login name/password?
Or do you need to enter a password every time you open Access which then is used somehow to define access rights to each screen and each database.
Any advice apreciated.
Thanks

 

[Len Boorman]

I have a couple of documents that are too big to post here that explain a great deal about Access security. It is a minefield for the unwary

I use a slightly different technique that is not so secure but keeps out the curious.
Basically I detect the network logon id and from there

a) If you are not an authorised user of a certain database when you open it , it then immediately closes

b) I control the Visible Property of command buttons that then controls access to forms for Editing and the like.

These require
a) Disable By Pass Key
b) Disable F11 key
c) Use Custom menu bar
d) Disable shortcut menu on all forms

This will not give a complete lockdown and can be got around relatively easily if you know how. Basically import all objects into a new database but now you have a copy and not the original but again the smart**** could probably export changed bits back to the original. As I said it will keep out the curious.

If you would like the security documents mentioned earlier send me a PM with an email address

Len B

 

[Pat Hartman]

There is a difference in securing a database to keep the curious from mucking it up (too easily) and securing it because the data is sensitive. You can go a long way with security by using Windows security to control who has what kind of access to the directory where the .mdb/.mde resides. That should be your first line of defense. If they don't have access to the database, they shouldn't be able to get to the directory. Then below that, you can use Access security to prevent modifications to or creation of the various database objects. Access (actually Jet) security is at the object level so it would secure a form but not individual controls or secure a table but not individual rows or columns. If you need security that is more granular than the entire object, you will need to code it yourself.

Before you start playing around with Jet security - MAKE A BACKUP - and just to be sure, make another one and put it on removable media. Take the media out of the drive. Find the Security FAQ (search here or the microsoft kb for a link) and read it. Follow its directions EXACTLY.

 

[DollyP]

I do exactly the same as Len B, but would add a further step to his comments.

To stop users mucking around with, or gaining access to, your forms, code, etc. you do need to split your database into frontend (everything except the data)/backend (data). You can then convert your frontend db from an mdb to an mde, which removes all the code and prevents design changes. Note, this is irreversible so make sure you only convert a copy of the mdb so that you can continue to develop the original.

David