Shared Level Security for ACCDBs

Securing a database application with a password allows a collection of application users to have a shared password to access the data within the database. This model works well for small groups, where all users are allowed to have access to any and all of the data contained in the database file. For example, the Marketing department may need to communicate data statistics through a series of reports created in an Access database solution, in which all of the Marketing employees have full access to the database. Because several departments in the company share the same network resources, though, Marketing wants to prevent unauthorized users, such as Development department employees, from viewing this data until it is released publicly. The shared-level security model is perfect for this situation because all data in the database is okay to be viewed by the entire authorized user group. Meanwhile, this model prevents unauthorized users from seeing the data.

However, simply adding database password is not quite enough security to ensure full data protection. The ACCDB format is similar to its predecessor, the MDB file format, in that the raw data is stored in almost plain text. This means that if the database file is opened in a text-editing program such as Windows Notepad, it is likely that most of the data can be deciphered with ease, especially if the intruder is familiar with the format. Fortunately, the solution to this problem is already built into the shared-level security feature for Access 2007.

0 0

Post a comment