Securing Data

[Krava]

Hi, folks!

I spent some time by reading a different threats concerning this matter. To be honest- I did not find the answer I was looking for.
We develop the application always this way:
1) The data is store on the server in MDB file, password protected
2) The client application does not contain any data locally, only linked tables from MDB/MySQL/SQL
3) The client is always distributed as MDE to all users
4) Most of the users (99%) use only Access Runtime

But we have some users with full Access installed and I am worrying.
My problem is that if they open the client (MDE) they can have a direct access to data, as linked tables. So if they want they can change/delete/add records directly in the linked table.

How to prevent this?
Any opinion would be appreciated.

Thank you.

Krava

 

[georgedwilkinson]

It depends on how crazy you want to get with it (i.e. how much money you want to spend). Remedies fall somewhere between telling them not to do it all the way to writing a new front end in a different environment.

Staying with Access, here are a couple of mid-way solutions:
1. obfuscate the table names in the front end. Name table names with a prefix of "usys" and they will be hidden from the user (unless the user knows to look for hidden object names). Be careful to go through all your code looking for references to the old table names.
2. Don't link to tables at all. Use ADO or DAO recordsets (created in VBA) for everything, including form/report data source.
3. Set up Access security on the FE and remove access to the tables.

It all really depends on how much you want to spend.

 

[Krava]

Hello, George!

Thank you for your reply.
Well, we have developped many applications, but only a few of them are, I would say, critical.
I will try someting concerning Table security and I will see.
I will keep you informed.

Regards

Krava