|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
MDE security issue Guru's please help ...Any time you can take a copy of a file ( an Access XYZ.MDE file) and walk away with it, it's not very secure. But this was just to easy. My app is split in to a back and front end. Most application data is stored in a back-end consiting of tables only. The front end has links to the back-end and a few local tables for settings and the like. My back-end requires a password to open the database. The front is complied to an MDE. I did not realize that you could simply open any Access MDB or create a new one and import all the tables including linked tables and gain read write access to the link tables data in the MDE. (Ooch!) Is there anyway to prevent this other than with Access workgroup security? Is their some programmable option that can hide or otherwise make importing my linked tables (with connection strings) impossible. Thanks for any help. Joe Joe wrote:
Show quoteHide quote > Hello All, Most Access security steps are either barriers or obfuscation of one kind or > > Any time you can take a copy of a file ( an Access XYZ.MDE file) and > walk away with it, it's not very secure. > > But this was just to easy. My app is split in to a back and front > end. Most application data is stored in a back-end consiting of > tables only. The front end has links to the back-end and a few local > tables for settings and the like. > My back-end requires a password to open the database. The front is > complied to an MDE. > > I did not realize that you could simply open any Access MDB or create > a new one and import all the tables including linked tables and gain > read write access to the link tables data in the MDE. (Ooch!) > > Is there anyway to prevent this other than with Access workgroup > security? Is their some programmable option that can hide or > otherwise make importing my linked tables (with connection strings) > impossible. > Thanks for any help. > > Joe another. My general advice is... To protect the data from non-users of the app use network security. To protect data from users of the app DON'T store it in an MDB. Use a server based back end that has more robust security. With an MDB you can only keep out the ignorant. -- I don't check the Email account attached to this message. Send instead to... RBrandt at Hunter dot com There are cracks for everything nowadays. But, even though easily available
via an internet search, they at least require some effort and intent on the user's part. Most users, fortunately, just want to use your app to do their job. An mde only secures forms and code and things. It doesn't do a thing for table security, even without hacking. If you implement User Level Security, on both the front-end and the back-end, they at least have to go to some trouble to break into it (higher-level cracking at least requires they purchase something, which is better than merely free) So, yes you are right. It CAN just be copied. Like Rick Brandt said (but I'll say in my own way), Access security is only one of many aspects of security. Don't employ ex-hackers for instance :-) Are you trying to secure your "program" (mde), or your "data"? Is it "your data" or "their data"? Gosh, there are so many security questions... Show quoteHide quote "Joe" <Jo***@aol.com> wrote in message news:u8C$jFn1FHA.2924@TK2MSFTNGP15.phx.gbl... > Hello All, > > Any time you can take a copy of a file ( an Access XYZ.MDE file) and walk > away with it, it's not very secure. > > But this was just to easy. My app is split in to a back and front end. > Most application data is stored in a back-end consiting of tables only. The > front end has links to the back-end and a few local tables for settings and > the like. > My back-end requires a password to open the database. The front is complied > to an MDE. > > I did not realize that you could simply open any Access MDB or create a new > one and import all the tables including linked tables and gain read write > access to the link tables data in the MDE. (Ooch!) > > Is there anyway to prevent this other than with Access workgroup security? > Is their some programmable option that can hide or otherwise make importing > my linked tables (with connection strings) impossible. > > Thanks for any help. > > Joe > > Workgroup security stops the user doing certain things. /Without/
workgroup security, /any/ user can do /anything/ with your front or back end database, in terms of reading, changing or deleting data from either or both. HTH, TC there's no way to *completely* secure an Access database. but you can do
various things to make it "more" secure. suggest you pick up a copy of Garry Robinson's Real World Microsoft Access Database Protection and Security; there are plenty of useful ideas there to choose from. hth Show quoteHide quote "Joe" <Jo***@aol.com> wrote in message news:u8C$jFn1FHA.2924@TK2MSFTNGP15.phx.gbl... > Hello All, > > Any time you can take a copy of a file ( an Access XYZ.MDE file) and walk > away with it, it's not very secure. > > But this was just to easy. My app is split in to a back and front end. > Most application data is stored in a back-end consiting of tables only. The > front end has links to the back-end and a few local tables for settings and > the like. > My back-end requires a password to open the database. The front is complied > to an MDE. > > I did not realize that you could simply open any Access MDB or create a new > one and import all the tables including linked tables and gain read write > access to the link tables data in the MDE. (Ooch!) > > Is there anyway to prevent this other than with Access workgroup security? > Is their some programmable option that can hide or otherwise make importing > my linked tables (with connection strings) impossible. > > Thanks for any help. > > Joe > > > Is there anyway to prevent this other than with Access workgroup You don't have to use linked tables. You can use forms bound directly to the BE database. And/Or dynamic sql directly referencing the BE database. (david) Show quoteHide quote "Joe" <Jo***@aol.com> wrote in message news:u8C$jFn1FHA.2924@TK2MSFTNGP15.phx.gbl... > Hello All, > > Any time you can take a copy of a file ( an Access XYZ.MDE file) and walk > away with it, it's not very secure. > > But this was just to easy. My app is split in to a back and front end. > Most application data is stored in a back-end consiting of tables only. > The front end has links to the back-end and a few local tables for > settings and the like. > My back-end requires a password to open the database. The front is > complied to an MDE. > > I did not realize that you could simply open any Access MDB or create a > new one and import all the tables including linked tables and gain read > write access to the link tables data in the MDE. (Ooch!) > > Is there anyway to prevent this other than with Access workgroup security? > Is their some programmable option that can hide or otherwise make > importing my linked tables (with connection strings) impossible. > > Thanks for any help. > > Joe > 
Other interesting topics
Security change takes effect only locally, not on server
TC - New security model Access Security When called from .NET Share Workgroup Information File You do not have Exclusive acces to the database at this time????? Relink tables in a secured DB - create table permission required? Securing the Back-End How to control the number of installed front end files (*. mde) Export or Import Objects from One Secured Database to Another Locked out of all Access DBs |
|||||||||||||||||||||||
