When to implement Security

R

Ripper

When is the best time to start security? Should I start the security before
I create the database or should I create the database and then apply
security? I am using Access 2000 and want user level security.

Also, depending on the level of the user, I want to have a different start
form.

Teachers start with frmMain-Teacher
Office frmMain-Admin
CITS frmMain-CITS
Me - Database view
Registrar - frmMain-Reg

I know 2 questions with 1 post.

Anyone out there with an answer?
 
J

Jeff Conrad

in message:

Comments below Ripper....
When is the best time to start security? Should I start the security before
I create the database or should I create the database and then apply
security? I am using Access 2000 and want user level security.

Interesting question and I'm sure you will get some varied opinions on
the subject. Either option probably has some pros and cons with it.
Typically I have set up the database just how I want and then apply
the security when I am all finished, but that is just me. One advantage
of applying security as you go along is that you can completely test
everything along the way. For example, if FormA should only be opened
by a user group B, then you can actually test this using your custom
workgroups while developing FormA. Could save some time perhaps.

The *best* advice I can give is to be *thinking* about security during
the entire process. While developing you can make things easier for
yourself by naming database objects that will help you remember who
can do what. For example, say you have a group called grpTeachers
and only that group can use a specific form. You could call it
frmgrpTEntryForm and maybe the query that feeds it is
qrygrpTEntryForm. When you start applying permissions you will easily
spot everything assigned to grpT and make the necessary permissions.
Just a thought.
Also, depending on the level of the user, I want to have a different start
form.

Teachers start with frmMain-Teacher
Office frmMain-Admin
CITS frmMain-CITS
Me - Database view
Registrar - frmMain-Reg

Sure, this is possible. You could easily create an AutoExec macro that
launches some module code. The module code would first check to see
what group the Current User belongs to (there is code in the FAQ for
this) and then load whatever form is necessary.

For some great User Level Security links, review the information I have
accumulated here:

http://www.ltcomputerdesigns.com/JCReferences.html#Security
 
T

TC

Ripper wrote:

(snip)
When is the best time to start security? Should I start the security before
I create the database or should I create the database and then apply
security? I am using Access 2000 and want user level security.


IMO it depends on whether you are confident in implementing security.
Ie. have you done it before, and are confident that you know how to do
it properly.

If NOT, then, you should recognize that it could take a few weeks (not
days) to understand it properly. You'll need to experiement, & maybe
start again several times. In that scenario, it would probably be best
to continue developing your main database /unsecured/, while you
experiemented with securing some other, "throw away" database.

HTH,
TC
 
R

Rick Brandt

TC wrote:
[snip]
IMO it depends on whether you are confident in implementing security.
Ie. have you done it before, and are confident that you know how to do
it properly.

If NOT, then, you should recognize that it could take a few weeks (not
days) to understand it properly. You'll need to experiement, & maybe
start again several times. In that scenario, it would probably be best
to continue developing your main database /unsecured/, while you
experiemented with securing some other, "throw away" database.

HTH,
TC

I have the opposite opinion. For those unfamiliar with the mystics of security
I would suggest creating an MDW, then a new blank MDB and then testing and
tweaking until they are positive that security (with respect to who can open it
using what workgroup) is correct and THEN they can start adding objects to it.

As long as they deny permission to all of the "New object" choices then starting
with this framework they will automatically default all objects that are either
created or imported to NO permission or Ownership for the "Admin" user which is
one of the oft-missed details by people attempting security.

Such a blank file could then be saved as a template starting point for any
future secured files.
 
T

TC

I think our views on this are aligned - not opposed. We both suggest
that he learns security by starting with a brand-new database - not his
"for real" application. By "throw away" database, I really meant, a
brand new one.

Cheers,
TC
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top