Data encryption on a split Access DB Gino 09.06.2006 05:06:01 We have a split Access database. The front end is on the individual stations while the data tables are in the back end database on a server. I would like to protect the data on the back end so that, if stolen, the back end data cannot be used. The idea would be to have some kind of real time encryption/decryption mechanism, making the encrypted backend data readable only when loaded in the front end Access. Any idea? Thank you all for any suggestion you can provide. Gino

Re: Data encryption on a split Access DB "Keith Wilby" <here[ at ]there.com> 09.06.2006 08:43:15 "Gino" <Gino[ at ]discussions.microsoft.com> wrote in message news:EFC6EA00-B760-46C1-A57B-81FB88D1EC25[ at ]microsoft.com... [Quoted Text] > We have a split Access database. The front end is on the individual > stations > while the data tables are in the back end database on a server. > > I would like to protect the data on the back end so that, if stolen, the > back end data cannot be used. The idea would be to have some kind of real > time encryption/decryption mechanism, making the encrypted backend data > readable only when loaded in the front end Access. > If you realistically suspect that your data may be stolen and that data is sensitive then I would recommend you use Oracle or some other beefy SQL based BE. Good as it is, Access security can be broken by a determined hacker. Regards, Keith. www.keithwilby.com

Re: Data encryption on a split Access DB Gino 09.06.2006 14:28:01 Hi Keith, thank you very much for your suggestion. We do understand that Oracle would overall be a much more comprehensive security solution; unfortunately the system is a small departmental application and there is no expertise to implement an Oracle solution. What we would like to do for now is to have a first line of defense minimizing the possibility that the content of the database be open at home by employees who may have copied the back end Access database for casual personal use (which may however result in totally exposing some confidential data to potential disclosure). I heard that there are some external encrypting programs which can decrypt/encrypt files when opening/closing applications. I was wondering however if somebody has been able to create an encryption/decryption scheme within an Access FE/BE application itself or has some ideas on how to go about it. Thank you again and regards Gino ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Keith Wilby" wrote: [Quoted Text] > "Gino" <Gino[ at ]discussions.microsoft.com> wrote in message > news:EFC6EA00-B760-46C1-A57B-81FB88D1EC25[ at ]microsoft.com... > > We have a split Access database. The front end is on the individual > > stations > > while the data tables are in the back end database on a server. > > > > I would like to protect the data on the back end so that, if stolen, the > > back end data cannot be used. The idea would be to have some kind of real > > time encryption/decryption mechanism, making the encrypted backend data > > readable only when loaded in the front end Access. > > > > If you realistically suspect that your data may be stolen and that data is > sensitive then I would recommend you use Oracle or some other beefy SQL > based BE. Good as it is, Access security can be broken by a determined > hacker. > > Regards, > Keith. > www.keithwilby.com > > >

Re: Data encryption on a split Access DB jacksonmacd <jackMACmacdo0nald[ at ]telus.net> 10.06.2006 13:49:31 On Thu, 8 Jun 2006 22:06:01 -0700, Gino <Gino[ at ]discussions.microsoft.com> wrote: [Quoted Text] >We have a split Access database. The front end is on the individual stations >while the data tables are in the back end database on a server. > >I would like to protect the data on the back end so that, if stolen, the >back end data cannot be used. The idea would be to have some kind of real >time encryption/decryption mechanism, making the encrypted backend data >readable only when loaded in the front end Access. > >Any idea? >Thank you all for any suggestion you can provide. >Gino > Have you applied user-level security to the database? Done correctly, it will make it such that your database cannot be opened without also having the correct workgroup file, plus having the required usernames and passwords. Access user security is not to be taken lightly, so read very carefully and thoroughly, practice on a COPY of your database, and don't skip any steps in the process. Here are a number of links about security: http://home.bendbroadband.com/conradsystems/accessjunkie/resources.html#Security Having said that, a determined hacker will be able to bypass Access' ULS. It should be viewed as a means to keep out a casual snoop, but will not stop a determined, knowledgeable hacker. **********************jackmacMACdonald[ at ]telusTELUS.net remove uppercase letters for true email http://www.geocities.com/jacksonmacd/ for info on MS Access security

Re: Data encryption on a split Access DB Gino 16.06.2006 18:19:01 Thank you for your suggestions. I had given up on receiving other ideas so I did not look in here for a while. I did try implementing Access Security on a test database once and found it quite convoluted but I guess that if that is the only way, then that's the only way. I have a question though. If somebody looked at a security protected Access DB using a hex text editor, wouldn't he be able to actually see the data in the middle of all the squiggly code? If so then only encryption would reasonably protect the data (from semi-knowledgeable snoopers because I understand of course that not even the CIA can be 100% safe from intrusion by determined and skilled hackers) In your experience do you think that there might be some ActiveX embeddable in a VBA module, capable of on the fly intercepting and decrypting/encrypting data flows from/to BackEnd and Front End Access DB? Thank you very much Gino "jacksonmacd" wrote: [Quoted Text] > On Thu, 8 Jun 2006 22:06:01 -0700, Gino > <Gino[ at ]discussions.microsoft.com> wrote: > > >We have a split Access database. The front end is on the individual stations > >while the data tables are in the back end database on a server. > > > >I would like to protect the data on the back end so that, if stolen, the > >back end data cannot be used. The idea would be to have some kind of real > >time encryption/decryption mechanism, making the encrypted backend data > >readable only when loaded in the front end Access. > > > >Any idea? > >Thank you all for any suggestion you can provide. > >Gino > > > > > Have you applied user-level security to the database? Done correctly, > it will make it such that your database cannot be opened without also > having the correct workgroup file, plus having the required usernames > and passwords. > > Access user security is not to be taken lightly, so read very > carefully and thoroughly, practice on a COPY of your database, and > don't skip any steps in the process. > > Here are a number of links about security: > > http://home.bendbroadband.com/conradsystems/accessjunkie/resources.html#Security > > Having said that, a determined hacker will be able to bypass Access' > ULS. It should be viewed as a means to keep out a casual snoop, but > will not stop a determined, knowledgeable hacker. > **********************jackmacMACdonald[ at ]telusTELUS.net > remove uppercase letters for true email > http://www.geocities.com/jacksonmacd/ for info on MS Access security >