[AccessD] Access for Office 365 - New Linked Table Manager

James Button jamesbutton at blueyonder.co.uk
Sun Oct 28 13:13:37 CDT 2018


Jim, 

Thanks for the detailed response.

Nice ideas and a far more careful and controlled approach than I use, although realise I really ought to consider some of the techniques.

I do not run a web site and just have the hub provided by my ISP.

Basically, I accept that stopping any intrusion via the web is probably not possible without a substantial investment - 
Hardware, software setup, and time - so separation and restorability is basically my approach.

And - for those continually swapping cabled (USB backup) devices I recommend cables permanently plugged into the devices, and then just provide power, and join the appropriate (labelled) cable ends 
That way the physical failure is liable to be the cable rather than the socket in the device, and less likelihood of disconnecting the multiple, or wrong device cables from the back of the PC.

JimB


-----Original Message-----
From: AccessD <accessd-bounces at databaseadvisors.com> On Behalf Of Jim Lawrence
Sent: Sunday, October 28, 2018 5:16 PM
To: Access Developers discussion and problem solving <accessd at databaseadvisors.com>
Subject: Re: [AccessD] Access for Office 365 - New Linked Table Manager

You seem to have taken a very prudent approach to your systems structure...good on you.

For my approach I have used my router as my first line of defence. First I set the firewall setting to SPI. It can be described in a complex manner but it really means; send out a request on a port, the response is expect back on the same port. This stops a remote application from responding on a port that does not have the appropriate listener. (I have turned ping reply off)

Second, I decided to no longer use either IIS or Apache web server and am now using NodeJS. Security through obscurity.

Third, I have put each website within its own Docker Containers, If a site gets hacked it can be deleted and replaced in minutes.

Fourth, when wandering I always use a non recording VPN. There are so many hacker bots and they will tend to pound on a router until they find an open port and then... Anytime I have failed to browse anonymously my email fills with ads. 

Fifth, when remoting in always use SSH or SSL. Full encryption and if the authorize security is setup between the remote and local stations, it replaces username/password login. Great when doing remote support or backups etc... as the processes can be fully automated.

Sixth, when remoting in via RDP (should never be used but there are occasions), I change the address from the default via editing the registry.

That is but a few standards I use...not perfect but along with backups recovery and access security I feel relatively safe.
 
Jim 

----- Original Message -----
From: "Access Developers discussion and problem solving" <accessd at databaseadvisors.com>
To: "Access Developers discussion and problem solving" <accessd at databaseadvisors.com>
Cc: "James Button" <jamesbutton at blueyonder.co.uk>
Sent: Saturday, October 27, 2018 2:26:52 PM
Subject: Re: [AccessD] Access for Office 365 - New Linked Table Manager

Yep - stability - not a feature of MS software.

My approach for the business side of life

2 PC's, 1 for online business access running my general browser activities in a
VM
Yes - the system is open to malware intrusion, but hopefully the AV will deal
with OS targeted intrusion and the VM will stop web browser and email
transported malware getting out of the sandtrap.
Hopefully! 

Second system for business work - does not (usually) talk to the web, including
MS - yes it runs the 2016 version that comes with 365

I have a full backup before I do the ( bimonthly) periodic update - and then
specially allow it to get updates to the anti-malware profiles etc about 2 weeks
after the update and do a scan

Then after the 2 week hiatus, I can hopefully resume doing business work that
needs stability on it-
 it gets and despatched files using USB storage media to pass data to, and from
the online system
 so neither system gets to be able to 'access' the other.

Safety is not a certainty but the stability helps 
And as the 2 systems are the same models, in the event of a hardware failure can
just move the OS drive (or restored image) to the other system if needed,

Luckily I do not expect to be 'working' for anywhere near another 10 years 
So will be able to get the 2019 (Ok maybe it's successor) and adopt a similar
approach to it's security fixes to cover any needed win-10 and office use for my
activities after business work ends.  
And - maybe Android, or any OS that is not MS will be my personal use
environment. 

I can also see major organisations returning to Linux for their corporate
environments  due to both the reduced cost ( OK maybe 20 systems staff instead
of 10systems support and team of 10 user call response help desk staff) and the
much reduced software and hardware costs. 
As in you can run most user business environments on a £200 2GB RAM tablet
system where a windows one is looking to need 8GB RAM and at least 64 GB of SSD
storage costing £400 + licences of £100 a year for the unstable office
facilities.

JimB

-----Original Message-----
From: AccessD <accessd-bounces at databaseadvisors.com> On Behalf Of Jim Lawrence
Sent: Saturday, October 27, 2018 9:06 PM
To: Access Developers discussion and problem solving
<accessd at databaseadvisors.com>
Subject: Re: [AccessD] Access for Office 365 - New Linked Table Manager

I think your concerns are very valid. 

I must admit I have equal fear that trying to run a serious business solely
online is dangerous. A good backup, just like a data backup is priceless. When I
was in the business and through friends that are still on the frontline, I found
the a company's website could be run internally as an extended intranet as
easily as it could be run via the internet. In fact, errors were discovered more
quickly and upgrades were faster....the usefulness of many eyes can't be over
stated.

I personally believe that being too attached to proprietary software, when there
is no private ownership of it and especially when it is not stable, is very
risky.
 
Jim

-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com




More information about the AccessD mailing list