Spllited Database risk over LAN Network challenge ,please how to Secure? (1 Viewer)

theDBguy

I’m here to help
Staff member
Local time
Today, 13:34
Joined
Oct 29, 2018
Messages
21,358
it is a travel agency application that will contain data about the clients and their bookings , their full database , i am trying to protect the company that spent alot of money to have these loyal clients to them from anyone might reach this data , that can be easily sold to their competitors for money , it will be valuable for others and this can destroy companies , it is the dirty world dear .
If that's the case, I would strongly suggest you abandon using Access and use a more secured platform instead. Just my 2 cents...
 

kokowawa

Member
Local time
Today, 22:34
Joined
May 11, 2020
Messages
51
My contribution is not a perfect solution but merely another layer of protection.

If you have a decent domain setup, there is such a thing as having a GROUP IDENTIFIER that can then be granted to various users. Your domain admin can make one of these for you. I should note that this method was approved by the U.S. Navy as a way to contribute to the protection of files requiring a certain level of isolation.

In Windows security, there is a thing called an Access Control List that is named according to its function: It is a list of controls (rules) to allow access to something. Windows allows you to put such lists on files. The entries of the list (called an ACL) appear in a given order, which is significant, in that "first match wins." So... the LAST entry in the ACL for the folder containing the files you want to really protect should have an explicit DENY ALL permission assigned to ALL USERS. But the 2nd-to-last ACL entry should be one for a GROUP identifier that will be granted only to those users intended to be users to your DB. The first ACL entry usually grants full access to SYSTEM and you shouldn't play with that. There are also ACLs commonly used to grant operational rights for the purposes of making a backup copy or other file-level maintenance things. Again, don't mess with the backup operator's rights. Or the administrator's rights.

Make a list of people who SHOULD have access to this DB. Make them members of the group implied by the group identifier mentioned earlier. Making someone a member of the group in effect grants them the identifier. It is like adding a specialized key to a key ring. Once you do this, the significant entries are last and 2nd last.

The steps whereby the file system grants a user process access to a file includes "access arbitration." In this case, the test will be like a bunch of IF THEN ELSEIF statements: Are you SYSTEM? If so, grant access rights according to the SYSTEM ACL. After some other tests, ... Are you a member of DB Users Group? If so, grant access rights according to the DB Users Group ACL. Are you a member of the "All Users" group? (Yes, everyone is...) If so, grant access rights according to the All Users ACL. Which happens to be DENY ALL. With a DENY ALL in place, nobody except the group members and system staff will touch those files.

To double the protection, do the same for the files in the folder containing the DB. (I.e. apply those ACLs to the parent directory, but allow the permissions to propagate to child folders and files.) This means that random browsers CANNOT SEE the files. They would know that the parent folder exists but would be unable to know what was in it, because nobody could read the folder.

This SHOULD NOT rule out use of other methods as shown by Colin (Isladogs), theDBguy, Isaac, and CJ_London. Many of these methods can work together. This is just one more way to tighten things up.

thank you @The_Doc_Man , you always explain things in details and easy way that make me understand most of it and surf the internet to know more about what i didnt understood .

i will read more about ACL and will consult an I.T. friend .

replying the part of "nobody except the group members and system staff will touch those files." all staff are the same for me , everybody who access or can reach these file are a thread for me , i have to treat everyone as untrusted , so i have to secure it from all sides .
i want to reach to the point that no one whatever he try he will not have any chance but the FE to deal with

in your post below , i was asking if you would kindly make a video on youtube or so to do an example so i can try it out by myself and dont miss any step.
https://www.access-programmers.co.u...ith-traverse-permissions.312264/#post-1702051

thank you
 

kokowawa

Member
Local time
Today, 22:34
Joined
May 11, 2020
Messages
51
If that's the case, I would strongly suggest you abandon using Access and use a more secured platform instead. Just my 2 cents...

unfortunately Access is what i know to do it with , i didnt study any other programming language .
 

theDBguy

I’m here to help
Staff member
Local time
Today, 13:34
Joined
Oct 29, 2018
Messages
21,358
unfortunately Access is what i know to do it with , i didnt study any other programming language .
Then, I would also caution you to not expect Access to prevent all the things you're trying to avoid. It just can't do all that. You can only go so far with Access; but hopefully, it would be enough for you. Good luck!
 

isladogs

MVP / VIP
Local time
Today, 20:34
Joined
Jan 14, 2017
Messages
18,186
unfortunately Access is what i know to do it with
For your description, I would strongly recommend you learn how to move your data to SQL Server Express and use that for the BE

No matter what security you add, Access is file based and it will still be theoretically possible for someone to steal your files.

Even if you follow all the steps I outlined in my articles and encrypt your data as well, anyone with authorised access to your file will be able to retrieve the data, even if it is taken directly from the screen one record at a time.
 
Last edited:

CJ_London

Super Moderator
Staff member
Local time
Today, 20:34
Joined
Feb 19, 2013
Messages
16,553
I would also add, if you are effectively trying to protect the data from your users stealing it, you need to make sure users cannot run a report that lists all customers, forms that do not list all customers and perhaps even disable the ability for a user to copy/paste or take screenshots - although they could always use a camera to take a picture of the screen, or use pen/paper.
 

isladogs

MVP / VIP
Local time
Today, 20:34
Joined
Jan 14, 2017
Messages
18,186
@CJ_London
Good point about reports / forms showing all records.
I will add that comment to my website article when I update it in the near future
 

kokowawa

Member
Local time
Today, 22:34
Joined
May 11, 2020
Messages
51
h

For your description, I would strongly recommend you learn how to move your data to SQL Server Express and use that for the BE

No matter what security you add, Access is file based and it will still be theoretically possible for someone to steal your files.

Even if you follow all the steps I outlined in my articles and encrypt your data as well, anyone with authorised access to your file will be able to retrieve the data, even if it is taken directly from the screen one record at a time.
i already started learning SQL , and have even tried to upload data to SQL server but not SQL Server Express , it was SQL 2014 /2019 but i faced errors uploading the data , and learning now how connect it , i am just collecting all my questions and will make a thread about it asking for help.

i believe following your security points will maximize the protection to the top level can access reach .
 

kokowawa

Member
Local time
Today, 22:34
Joined
May 11, 2020
Messages
51
I would also add, if you are effectively trying to protect the data from your users stealing it, you need to make sure users cannot run a report that lists all customers, forms that do not list all customers and perhaps even disable the ability for a user to copy/paste or take screenshots - although they could always use a camera to take a picture of the screen, or use pen/paper.

i already have a permission level for every single form , report , function , button in the FE using VBA that prevent the user from opening anything he is not authorized to use.
below is some screens from the security i did .

2.PNG
1.PNG
 

isladogs

MVP / VIP
Local time
Today, 20:34
Joined
Jan 14, 2017
Messages
18,186
My apps use a menu system where users only see those forms/reports they have permission to access.
Similarly, many forms will show different functionality depending on users' security levels.
A quick way to manage the visibility of a group of controls in one line of code is using the tag property.

Thanks for your comments about Access security based on my articles.
I doubt you can make them more secure by methods I haven't covered in one or more articles / example apps.
However, SQL Server (Express or paid versions) can be made far more secure
 

CJ_London

Super Moderator
Staff member
Local time
Today, 20:34
Joined
Feb 19, 2013
Messages
16,553
that prevent the user from opening anything he is not authorized to use.
Not quite what I was saying - if someone is authorised to view the entire list of customers - you are happy with that?

Since you are going 'full belt' security, another element you perhaps need to concern yourself with is sql injection. If you do not handle manual user input correctly, someone who knows what they are doing could potentially login as someone else, even list tables and contents of tables.

Some references
 

kokowawa

Member
Local time
Today, 22:34
Joined
May 11, 2020
Messages
51
My apps use a menu system where users only see those forms/reports they have permission to access.
Similarly, many forms will show different functionality depending on users' security levels.
A quick way to manage the visibility of a group of controls in one line of code is using the tag property.

Thanks for your comments about Access security based on my articles.
I doubt you can make them more secure by methods I haven't covered in one or more articles / example apps.
However, SQL Server (Express or paid versions) can be made far more secure

i have learned a lot from you and this respectful forum and keep learning everyday something new . the thanks is to you and all helped me that i didn't mention here .

my permissions are based on VBA code that will trigger the action after checking the permit table belong to this user on the click or form open or after update. this allow me to customize permission per user , not like other methods which create profiles and make the user follow this profile
 

Isaac

Lifelong Learner
Local time
Today, 13:34
Joined
Mar 14, 2017
Messages
8,738
If that's the case, I would strongly suggest you abandon using Access and use a more secured platform instead. Just my 2 cents...
+1

If my company needed a system where the everyday end-users of this system were truly hungry to steal its valuable data, I would not use Microsoft Access, at least not if I wanted a reference for my next job
 

Isaac

Lifelong Learner
Local time
Today, 13:34
Joined
Mar 14, 2017
Messages
8,738
What would you use?
Come to think of it a bit more, I'd question creating the system at all.

Give end-users access to pull up records, which they are known to want to steal the information from? Doesn't make sense.
 

CJ_London

Super Moderator
Staff member
Local time
Today, 20:34
Joined
Feb 19, 2013
Messages
16,553
What would you use?
To protect your data from being stolen by someone copying the file use sql server/mysql back end. Otherwise protect it further with a password and perhaps encrypting critical fields. But the access vba front end will contain the password and/or encryption process - so save front end as .accde. Even then for someone who knows how, the password can be recovered and even possibly the decryption algorithm. With a web based solution, that is all server side (backend) - so you need to encrypt/decrypt the password with your client based solution

with regards the front end - access is client based otherwise you are talking web based. web based products are more exposed to hacking, client based less so (much smaller pool of potential hackers). Also a lot more maintenance work as the web is a volatile place.

but data is exposed in the front end, and that comes down to front end design (access/web/whatever) to provide minimal exposure of data to users.

So best solution is probably to use something like a (truly) compiled client based solution (using something like C# or .net perhaps) which generates a .exe file in combination with sql server/mysql - and still minimise data exposure with front end design. But reckon on development time being 10 times longer or more since access is a rapid application development tool .i.e. you can develop apps quickly, it is not a full application development suite - try visual studio. And before you ask, no, you can't upsize access to visual studio.
 

Sun_Force

Active member
Local time
Tomorrow, 05:34
Joined
Aug 29, 2020
Messages
396
The point is anything that comes on the screen, can be theft in a way or another. As somebody explained above, one record at a time, taking photos, taking screen captures, etc etc. No matter which software is in use.
I'm still a student and very new to databases to give any opinion on this. I can only talk about our system here and how the organizations and offices try to keep personal data not to be sold.

Our system here, doesn't show any personal data on the screen. Even the staff that we are talking to, don't know anything about our personal info. Imagine I go to a travel agency and book a flight. The lady only knows my ID. This is the ID I've been given the first time I used that store. She know nothing about my name, my mobile No, or even my mail address. Her screen only shows my ID and the details about my flight. The only thing she know about me is the young kid sitting in front of her, my ID and the info about my travel.

If I call them later and ask for a change in my plan, they don't ask for my name. They ask for my ID, then for my password to be sure I'm me and not someone else. The password process is safe. They put the telephone on hold, a message tells me to push my password using my mobile push keys and add a # at the end to show I'm done. And even during this process I can here a noise. This noise is to prevent the staff to listen to the sound of my pushes and guess what my password maybe. The staff just waits until the system checks my password against my ID.

If the staff receives a message on her screen that my password is passed, she can continue with the changes that I want. The changes in my purchase is mailed to me after it's done. It's another automatic procedure behind the curtain. No body knows my actual name, address, mail, TL No or anything else.

The point is don't show personal data on screen. As I said in my first post above, using sql server as the backend and password protecting the server is the first factor to think about. Confidential data is encrypted and is separated in numinous tables in sql server. Front end contains nothing except forms to show only a part of data. One should be smart enough to write a solution to prevent data theft. I accept that using an stand alone program written in #C or other languages is a better choice. But even Access as a Front End can be used in a way to prevent data theft if the program is written in a way to give no clues on what's happening behind the curtain. (nothing is %100 secure).

PS: Once during one of our classes, I had a chance to check an actual database that has been used about 10 years ago as a BE of a mobile shop. The tables were emptied and was field with several unreal data.
There was 24 tables for saving customers' postal address. Even having the database we had no clue to pull out a customer's full name and his postal address.

Once again, Not that I'm trying to tell any idea above is wrong. I'm still a student and do know nothing about the depth of this world.
 
Last edited:

kokowawa

Member
Local time
Today, 22:34
Joined
May 11, 2020
Messages
51
The point is anything that comes on the screen, can be theft in a way or another. As somebody explained above, one record at a time, taking photos, taking screen captures, etc etc. No matter which software is in use.

this will lead to another security measure , can we via VBA prevent Printscreen from keyboard hardware or softeware , @isladogs is there any VBA for this?
 

Sun_Force

Active member
Local time
Tomorrow, 05:34
Joined
Aug 29, 2020
Messages
396
can we via VBA prevent Printscreen
You're not paying attention. Even if you find a way to disable print screen keyboard, users can use 3d party applications or even windows' snipping tool.
If you disable them too, you can't use vba to prevent them to take a photo of the screen with their phones.

Try to work with customer's ID and don't show their names or other confidential info on the screen.
 

Minty

AWF VIP
Local time
Today, 20:34
Joined
Jul 26, 2013
Messages
10,355
I think it would be easier to let the users only use the database with a touch screen.
 

Users who are viewing this thread

Top Bottom