Access Security

Security

There are four basic items that you can do to secure your database.

1. Password protect – Somewhat effective but there are many programs out there that can be used to bypass passwords.

2. Encoding – This is somewhat more effective since the coding method is more random and harder to get by.

3. Groups and Access – You can create user groups and limit access by group. This can be effective but it can also be a nightmare in maintaining who is in what group and who has what access. It seems that there is always someone that overlaps user groups and needs full access in one group but only access to one thing in another group and then you have to decide how to grant that access.

4. Hiding – This can be from two approaches. On your network system, items in your database can be hidden from some users and not others. Sort of the out-of-sight-out-of-mind approach. For many users this will work just fine. Other users see this as a challenge to find the data.

The other part of this is hiding your computers, and thus your data from the internet as a whole so that hackers and other such slime cannot get a ping in response when they are seeking out vulnerable systems.

Why To Secure

Some times your data is proprietary and this information needs to be secured from your competitors. If your knowledge got out you might lose your competitive advantage.

Your data might sometimes be secret. Think of all the data that government agencies have that is secret, not the least to say at the CIA.

By law, only some data is to be released to certain people. Think of the forms you sign at the doctor’s office as to who can view your records and FRPA laws at our universities.

Sometimes data is out there to be viewed on systems, as public knowledge, but is not to be changed by the viewer. This could be public information such as property information at city hall and other public records.

Personal information is very important to keep secure. We have heard about Cendant being hacked into last year and thousands of people’s personal data was comprised. In this day and age of identity theft, keeping our names and SSN’s secure is important.

Data integrity is also important. We want to know that the information that we are looking at is accurate, up-to-date and reliable. We do so much of our research on-line now that we want to know that the information that we may be relying on to validate our suppositions is true and accurate.


Security Flaws

First and foremost, as with any computer program, there is always the dangers of viruses and worms that may be programmed to attack a specific program and Access is no different. There have also been instances of macros being programmed that either run automatically or when you have downloaded and installed them as part of your Access data.

Remote Code executions for Microsoft office seem to be the greatest occurrence of vulnerability of security flaws and need to be dealt with. There were many instances of this, mostly for Office itself, but occasionally for PowerPoint and some of the other applications, but for the most part they applied to the application as a whole.

In other words, someone at another location can access the vulnerability through your office program to gain access and even control over your computer and then do what they want with your data and/or your computer.