User Permissions

D

dstremmet

I've developed a database in Access 2007 and only want the users to be able
to access the forms and not any of the tables. The tables have sensitive
information. How do I secure the tables to do that?
 
J

Jerry Whittle

Well if you created the database in the .accdb format, you don't. To ensure
that the users can't see anything that you don't want them to see, you must
enable user level security. The new .accdb format doesn't support that. If
you convert the database, or created it in the first place, to the older .mdb
format, then you can enable user level security. Keep in mind that user level
security isn't the easiest thing to enable and it requires a lot of
maintenance such as when you get new users.

You could hide the Navigation Pane and/or hide the tables; however, someone
with even a little knowledge and determination could bypass those and see the
data in the tables.
 
T

Tom Wickerath

Jerry,

Not only is ULS somewhat complex to implement, but it does not guarantee
security at all. There are free tools available on the internet for cracking
"security" implemented using ULS. The best that any file-based security can
achieve is to keep honest people out.

DKS: You didn't say how sensitive your data really is, but if it includes
Personally Identifiable Information (PII), such as home address, SSN,
birthdate, etc. then you really need to look into moving your data to SQL
Server, Oracle or even SharePoint to control who has access to this data.


Tom Wickerath
Microsoft Access MVP
http://www.accessmvp.com/TWickerath/
__________________________________________
 
A

Arvin Meyer [MVP]

The best that any file-based security can
achieve is to keep honest people out.
Click to expand...

I would argue that almost any security system has that same limitation. A
determined crook will break into almost anything. Access ULS, when properly
implemented, is sufficient for most internal security concerns where
employees have been vetted by the HR department. External access also has a
network security factor to be taken into account. And when using a properly
configured Terminal Server, Access can be made equally secure to practically
any system.

In any case, the sensitivity of the data is what should determine the type
and level of database engine and database security to be used. And to answer
the original question, here's a link to the ULS Security FAQ.:


http://support.microsoft.com/support/access/content/secfaq.asp?SD=gn&LN=en-us&gssnb=1
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Record-Locking remains open after closing 0
limit users to use only forms (security, access, write only) 1
Best way to deploy Access read-only database that is linked to SQL tables 6
Linked Tables and SQL Server permissions 3
making a copy of a database with restricted user access 2
Cannot open database ? 2
Protect tables? ACCESS2007 w/ *mdb Database 1
Error 3051 Help Please 6

Top