Re: some security concerns
- From: "paii, Ron" <none@xxxxxx>
- Date: Wed, 7 Nov 2007 13:02:24 -0600
"sparks" <jstalnak@xxxxxxxxxx> wrote in message
news:oa24j3h7me2e9pi8b32nt83t1n024khiav@xxxxxxxxxx
The biggest thing is they don't want to make it hard for ANYONE to log
in and enter whatever, add, delete or edit a record.
I'm not an expert on MS SQL Server, but if you are using Active Directory; I
think the serve can use the AD login. Access security will require a
password for the database which cannot be linked to Active Directory.
BUT they want to know who what when and where. BUT only if there is a
problem.
There are example of logging code for Jet but nothing that could be used to
rebuild your database after a mass delete of records. As for deleting MDBs,
Windows server has Shadow Copy that will generate backups that can be
restored. Also your IT department should be doing regular backups.
the
On Wed, 7 Nov 2007 11:34:11 -0600, "paii, Ron" <none@xxxxxx> wrote:
"sparks" <jstalnak@xxxxxxxxxx> wrote in message
news:cjn3j3lin1eh9a4tqp1jhgo7fbtl1tdbgs@xxxxxxxxxx
We have a TON of access databases on our servers.
after 10 yrs a person went in and wiped about 50 files in one.
ALL hell broke loose.
A few questions if I may.
one person said ok we can link tables and put the data on another
server..WELL you can still remove records..
we can log every person who logs into the database, and we can log
times..but if we store this info in the table they are working on how
will we know what they did if they delete the record.
Put logs into another table...is there a way to say ok bob logged in
on 9/25 he added records 201,202,203 and deleted record ....###
adding would be easy but editing and deleting sound like a pain to
track....correct ?
they do not want locked down databases....one of the people even said
they wanted to know who deleted a database. I told them to call IT
maybe they knew how to track that...can they?
overall it still comes down to training of the data entry people as
well as the statistics people. AND TRAINING is degrading to a stat
phd. Training data entry people cost money, and they should not be a
problem with them....ok forget this last paragraph its a no win
arguement around here.
thanks for any comments on this or anything else about securing from
this type of thing.
Sounds like you need to upsize to a SQL server with all the security and
logging options engaged. I don't think a Jet database can be secured to
level you indicated needing.
.
- References:
- some security concerns
- From: sparks
- Re: some security concerns
- From: paii, Ron
- Re: some security concerns
- From: sparks
- some security concerns
- Prev by Date: Re: some security concerns
- Next by Date: Re: Failed to publish report to MS Office Word or Excel
- Previous by thread: Re: some security concerns
- Next by thread: Re: some security concerns
- Index(es):
Relevant Pages
|
