Regardless of which DBMS is used, storing data that has sensitive
information on a laptop is a recipe for disaster. DON'T DO IT! You can do
your work with the data left on the server. By using Terminal Services, you
can even run an entire database over a VPN connection with ease.
That doesn't mean that you can't use replication or store a local copy of a
database on a laptop. It does mean that if the data is sensitive, you'd
better protect it by storing it on the server, and leaving it there. Certain
data should only be accessed securely. Patient information is legally
requited to be stored that way.
Good security practices are important. The biggest data heist to date was
caused by insufficient security from handheld pricing computers at TJMax.
45.7 million people had their personal information compromised, because
thieves gained network access from an unsecured WiFi connection between
handheld pricing computers and the server.
As a general rule of thumb:
1. Do not store anything that you do not need just because it might be
useful someday.
2. Secure everything, if anything on a system is in anyway sensitive.
3. Use secure system passwords, preferably pass-phrases with more than 15
characters. (14 character passwords can be cracked in under 5 minutes).
4. If using any WiFi, use the most secure method that you can find. (WEP can
be cracked in under 2 minutes).
--
Arvin Meyer, MCP, MVP
http://www.datastrat.com
http://www.mvps.org/access
http://www.accessmvp.com
SteveS said:
I totally agree....
Can you say "Government Laptop" ......
--
Steve S
--------------------------------
"Veni, Vidi, Velcro"
(I came; I saw; I stuck around.)
Arvin Meyer said:
It's about this time that I get into my SSN rant. I never give my SSN to
anyone who doesn't need it, except when credit is required by me. That
does
NOT include health insurance. It should be illegal to use it for any
insurance or for credit, or for that matter anything that doesn't require
reporting income to the federal government. I make it known to the
requester
that I expect the number to be held securely and not shared with anyone
for
any reason.
I have and I do write Access databases which store SSNs. I discourage it
to
the extent that I can.
--
Arvin Meyer, MCP, MVP
http://www.datastrat.com
http://www.mvps.org/access
http://www.accessmvp.com
SteveS said:
It's amazing how many people give their SSN to anyone that asks for
it...even
though the person asking has NO valid reason for needing it.
Whenever I can I refuse to give my SSN. If someone insists and it is
just
to
fill in a box, I make up a number. AFAIK, valid SSNs do not start with
the
number "9".
Back to the format. I use
Format([SSN],"xxx-xx-@@@@")
unless the client needs to see the full number.
--
Steve S
--------------------------------
"Veni, Vidi, Velcro"
(I came; I saw; I stuck around.)
:
I would caution about creating any application that stores or displays
social
security numbers. It's likely to be illegal, if not now, in the near
future.
:
I have an unbound form with a listbox. One of the columns in the
listbox is
a Social Security Number. I would like to display the number
formatted
as a
Social Security Number instead of an eight digit number without the
hyphons.
I tried formatting the number in the query as:
Format([SSN],"###-##-###")
This did not work. Can someone give me an insight? Thanks...
