[AccessD] POLL: Access Security

Erwin Craps Erwin.Craps at ithelps.be
Thu Nov 13 06:30:43 CST 2003 

Kath, I totaly agree with you.

I believe I'm a 3, but I find Access security insuffcient and
unpractical to use so I stopped using it (for same reasons as you state
in point 2, I want to add that a office repair each time reset or
overwrites your MDW file).
Further more my clients are SME's and I develop taylor made applications
for them.
Belgian law (I believe it a European guideline) says that with Taylor
made software you are obligated to deliver the source code of your
application to the customer. So I don't see the point of protecting it
furthermore than wat you stipulate in point 1 and 3.
Only thing that a non-profesional can not change is the
splash/info/license form with wy name, logo etc on it. I would like to
protect that better, but that the only thing.


Erwin



-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Kath Pelletti
Sent: Thursday, November 13, 2003 3:32 AM
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] POLL: Access Security


Several reasons:

1. Most of my clients don't need that level of security and protect
their data in other ways,

2. I have worked on several sites where the combination of mdb's secured
with multiple mdw's was a nightmare for the same people who set them up
(ie in house staff), several cases of 'lost' mdw's and I find that too
often the original system mdw's are modified (I can remember posting
problems with Access security to the list which all ended up being a
case of the client's original system.mdw having been
modified....headaches) 

3. When clients ask me (all the time) to set up security, it has mostly
been because they want to make some aspects of the system visible / not
visible to groups of users, or certain functions available / not
available to groups of users. So a homegrown system which tracks a user
group and user name has been enough for me combined with setting my
system properties before delivering the mde. It is made clear to the
client that this level of security will never prevent them from a
professional who is determined to hack in.

I'm not expert on this and I look forward to reading what the "1's"
have to say...........so many posts have been made to the list on
security that it's obviously an issue for most developers at some stage
or another.

Kath
  ----- Original Message ----- 
  From: John W. Colby 
  To: Access Developers discussion and problem solving 
  Sent: Thursday, November 13, 2003 1:01 PM
  Subject: RE: [AccessD] POLL: Access Security


  Ahh.. understood.

  And why is it your choice to not use Access Security? (yes, that is a
  leading question ;-)

  John W. Colby
  www.colbyconsulting.com

  -----Original Message-----
  From: accessd-bounces at databaseadvisors.com
  [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Kath
Pelletti
  Sent: Wednesday, November 12, 2003 8:51 PM
  To: Access Developers discussion and problem solving
  Subject: Re: [AccessD] POLL: Access Security


  No - I have (years ago) trained advanced users in Access security over
and
  over again, so the basics had to become second knowledge to me.

  I was asked by a client when writing a large-ish system to
specifically use
  security so I did that. I have helped clients who have secured
databases
  with setting up shortcuts to specifically call their mdw files, as
they
  often have several mdb's secured and several mdw's. I have helped
clients
  who have corrupted their system mdw's restore them back etc etc.

  So it may take me some basic revision now that I do not use it (my
choice
  and totally my preference) but not much.

  Kath
    ----- Original Message -----
    From: John W. Colby
    To: Access Developers discussion and problem solving
    Sent: Thursday, November 13, 2003 12:33 PM
    Subject: RE: [AccessD] POLL: Access Security


    Kath,

    Pardon me if I seem incredulous but you are saying that you have
used
  Access
    Security once, three years ago, but could secure a database in a few
hours
    without referencing any books or help?  Is this the same security I
am
    looking at?  Am I making it harder than it is?

    John W. Colby
    www.colbyconsulting.com

    -----Original Message-----
    From: accessd-bounces at databaseadvisors.com
    [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Kath
Pelletti
    Sent: Wednesday, November 12, 2003 8:26 PM
    To: Access Developers discussion and problem solving
    Subject: Re: [AccessD] POLL: Access Security


    Yeah - I would be a 2, but unless the client specifically insists on
that
    form of security (it did happen once but 3 years ago) I use my own
login /
    security procedure.

    Kath
      ----- Original Message -----
      From: Haslett, Andrew
      To: 'Access Developers discussion and problem solving'
      Sent: Thursday, November 13, 2003 12:15 PM
      Subject: RE: [AccessD] POLL: Access Security


      6) I don't use the built in security functions of Access. I  Use
MDE's
  and
      roll my own security depending on the requirements of the client.

      -----Original Message-----
      From: John W. Colby [mailto:jcolby at colbyconsulting.com]
      Sent: Thursday, 13 November 2003 11:30 AM
      To: AccessD
      Subject: [AccessD] POLL: Access Security


      I'd like to take a poll regarding your knowledge of Access'
built-in
      security. By security I do NOT mean the database properties,
rather
  using
      workgroups / users to secure forms, tables, queries etc.

      Anyone interested in participating please choose one of the
following:

      1) I am an Access security guru.  I can quickly and easily lock a
  database
      down so tight I can't even get back in.  No help / books needed.
      2) I am fluent with Access security.  I can get the job done but
it
      definitely takes a few hours.  I probably won't need the help /
books.
      3) I have done Access Security on at least one real paying
project.  I
    would
      need help / books to do it again.
      4) I have heard about Access Security, read about it, managed to
shoot a
    toe
      off, maybe played around with it, but I am confident I could get
the job
      done.  Books / help definitly needed.
      5) Access has built in security?  What is this and where would I
go to
    learn
      it?  Why haven't I ever seen these books / help?

      If you would please just select a number and reply I would
appreciate
  it.

      As for myself, I must admit I rate a solid 4.  No client has ever
been
      willing to pay for it and I have always had other things to learn
/ do
  so
    I
      just never did it (for real).

      John W. Colby
      www.colbyconsulting.com




  _______________________________________________
  AccessD mailing list
  AccessD at databaseadvisors.com
  http://databaseadvisors.com/mailman/listinfo/accessd
  Website: http://www.databaseadvisors.com
_______________________________________________
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list