 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
MS Access Forum / General 2 / May 2007using recovery programs to bust ULS!!!!!!
I am with a University and I have an access Database that I want to put on their server but the IT people say that it is their understanding that you can't secure an Access database with Access security tools (i.e. user level security). To prove the point they took a program called (i think) Database Revovery from a company called Ontrack and "recovered" my BE that had ULS. The recovered version had No ULS on it and they could see everything in my database. Is there any way to protect an Access database so that it cannot be opened with a simple comercial program? For example, can it also be encrypted? I am assuming that I am doing something wrong. Also, I had suggested using the Server's security functions to protect the BE but they said that users could still take the BE off the server. If access can't secure itself, is there a way to secure the BE behind a Server's firewall, etc? This is all rather depressing since it seems that I can't use the program!!! thanks, > I am with a University and I have an access Database that I want to > put on their server but the IT people say that it is their [quoted text clipped - 17 lines] > > thanks, If you need to protect your data from non-users of the application then network security is sufficient to do that. If you need to protect the data from USERS of the application then the data should not be in an MDB file. In that sense your IT people are correct.  SignatureRick Brandt, Microsoft Access MVP Email (as appropriate) to... RBrandt at Hunter dot com Thank you, however what can i do? Can you direct me to a note someone has written on how to convert my BE to a non MDB file so that I can protect it. In other words, I am sure that there is published somewhere how to convert it to MS sql or something so that users in a network environment can use my FE with the forms linked to a secure, server-based BE so that I can educate myself a bit before talking with the IT people. One last thing, is it not possible to encrypt the BE through Access tools? thanks > > I am with a University and I have an access Database that I want to > > put on their server but the IT people say that it is their [quoted text clipped - 22 lines] > from USERS of the application then the data should not be in an MDB file. > In that sense your IT people are correct. > Thank you, however what can i do? > Can you direct me to a note someone has written on how to convert my [quoted text clipped - 6 lines] > One last thing, is it not possible to encrypt the BE through Access > tools? Encrytping in Access just protects the data from being looked at with Notepad, a hex editor, or similar program. It does nothing to protect someone from looking at it with Access because Access just decrypts it on the fly as it is looked at. Depending on the application it can be fairly easy to move the data to a server database (like SQL Server) or it can be a big job. First thing would be to see if you can get a SQL Server instance installed on a server somewhere on the network and whether someone in the IT staff will maintain it or if they will expect that to be your problem. Until you have that figured out there is no point in worrying about the technical details of doing it. SignatureRick Brandt, Microsoft Access MVP Email (as appropriate) to... RBrandt at Hunter dot com thanks for your help and time, I will get with them. > > Thank you, however what can i do? > > Can you direct me to a note someone has written on how to convert my [quoted text clipped - 19 lines] > figured out there is no point in worrying about the technical details of > doing it. Hi Rick, Sorry to bother you again but this is really bothering me and I just want to confirm things. If I understand things correctly it is IMPOSSIBLE to secure a mdb file (i.e. backend) and even with user level security ANYONE that has access to the BE can easily open it and read any info using a comercially available program. If this is true the Access is pretty damn worthless. Any Access database that stores peoples ages, credit card numbers, addresses, etc. is accessable to anyone that can get to the backend. How come NOBODY talks about this. When I asked questions about securing my data I was told by everyone to use ULS and RWOP queries to lock people out of things- which I now see was a big waste of time. If it is truly tis bad people need to start talking openly about this. For example, I saw an MVP that has an application for taking reservations etc. for tourists. If I bought this and put it on a pc, even with ULS an employee could take the BE, open it and sell people's credit card numbers etc. Surely I am missing something ...... or is it really this bad? thanks, > > Thank you, however what can i do? > > Can you direct me to a note someone has written on how to convert my [quoted text clipped - 19 lines] > figured out there is no point in worrying about the technical details of > doing it. |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.