Any tips on how to secure data in a separate accdb (1 Viewer)

W

wbulckens

New member
Local time
Today, 14:13
Joined
Jan 27, 2015
Messages
5
Hi folks,

I'm building an application in MS Access 2010.
This application must be able to read from a big table in a separate accdb.

This separate accdb contains info that should NOT be available for all my users to copy, as it is valuable competitive information that could be abused by people with bad intensions. So, a linked table solution is not an option.

However, it should be possible to run parameterized queries that do simple look-ups that return only small/relevant portions of the database.

Please send me your ideas!

Kind regards
Wim
 
depends on what you need to do with the data - is it just used for lookups in comboboxes or recordsets? Or is the user updating data? If the former, you can use vba to execute a sql string to populate them using a dsnless connection - so there is no linked table and no indication where the db is.

Also depends on what you do with your front end - is it compiled into a .accde? If not, there is little you can do to protect from someone who has a modicum of access skills - if they can read the above code, they can find the location and password

Alternatively you can still link to the db if your users do not need access to the navigation window. A simple thing to do is to hide the navigation window, or even the whole access window (all forms/reports would then need to be popup and modal) and disable the bypass keys
 
goes without saying but the other db should be password protected - although there are password crackers out there
 
wbulckens said:
This separate accdb contains info that should NOT be available for all my users to copy, as it is valuable competitive information that could be abused by people with bad intensions. So, a linked table solution is not an option.
Click to expand...

You cannot stop people copying and using the data in an ACCDB file if they have read permissions on that file via the file system. It's imporant that the owner of the data realises that and agrees that it's an acceptable risk. If that's not acceptable then you need to use a different solution. Use a SQL DBMS (e.g. SQL Server or Oracle) with server-side security and don't give end users direct access to the database.
 
one way is not maintain the link to the accdb permanently, but create it, extract the data, and destroy it each time.

you can encode a password to the remote accdb within your own accde/mde and users would then not be able to get at that data in the remote accdb.

clearly your users would be able to find the remote accdb (outside of access), but would not be able to open it directly. Having said that, in a complex file system, they may struggle to find it. A lot of this depends how tight/disciplined your company is.
 
You cannot stop people copying and using the data in an ACCDB file if they have read permissions on that file via the file system
Click to expand...
Agreed, but you can do things to make it more difficult - for example, hide the file (although users can change settings to view hidden files), place is a none obvious directory, provide the file with a different filetype to make it less obvious it is a db (you can still access the file through linking or whatever), although the .laccdb file will still be visible when the db is being read by a user.

It just depends on the 'level' of security required
 
CJ_London said:
Agreed, but you can do things to make it more difficult - for example, hide the file (although users can change settings to view hidden files), place is a none obvious directory, provide the file with a different filetype to make it less obvious it is a db (you can still access the file through linking or whatever), although the .laccdb file will still be visible when the db is being read by a user.

It just depends on the 'level' of security required
Click to expand...

Which is why I said that what really matters is to validate that with the person who owns or is responsible for the data. Demonstrate to that person the actual steps needed to circumvent whatever method you use to "hide" the data. If he/she is happy to live with that then go right ahead. I could be wrong, but since it only takes a couple of clicks to view hidden files in Explorer I suspect that the owner/customer may not be entirely confident in that as a method of "hiding" valuable data.
 
You must log in or register to reply here.

Similar threads

D
Darshan Hiranandani : How to Access a Password-Protected MDB Database with an MDW File and Unknown User Password?
Replies
3
Views
594
Isaac
Isaac
brucemc777
Solved HOW??? An HTML string stored in a long text table field with breaks for variables to be used in boilerplate eMails...
Replies
10
Views
657
brucemc777
brucemc777
K
Spllited Database risk over LAN Network challenge ,please how to Secure?
2 3 4
Replies
69
Views
6,342
isladogs
isladogs
isladogs
  • Locked
Access File Security : MDB / MDE vs ACCDB / ACCDE
Replies
2
Views
8,004
isladogs
isladogs
S
Solved How can I fix this code, so that the time data are logged to the CURRENT record an user is working on and NOT create a new entry??
Replies
14
Views
1,986
Pat Hartman
P

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Back
Top Bottom