By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
428,600 Members | 1,214 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 428,600 IT Pros & Developers. It's quick & easy.

database and security that is huh

P: n/a
We have a database with NO security on a network drive.
Seems that some IT person went in and created a security.mdw
Now no one can log into the database.

Is there a way to get rid of this and get the database back to a
normal shared database?

Aug 28 '08 #1
Share this Question
Share on Google+
10 Replies


P: n/a
sparks wrote:
We have a database with NO security on a network drive.
Seems that some IT person went in and created a security.mdw
Now no one can log into the database.

Is there a way to get rid of this and get the database back to a
normal shared database?
Find out who made the change and get them to fix it.
Aug 28 '08 #2

P: n/a
A blowtorch and a pair of pliers?
Aug 29 '08 #3

P: n/a
"sparks" <sp****@comcast.netwrote in message
news:64********************************@4ax.com...
We have a database with NO security on a network drive.
Seems that some IT person went in and created a security.mdw
Now no one can log into the database.

Is there a way to get rid of this and get the database back to a
normal shared database?
Restore it from your most recent backup? The only way you'll stop someone
from dabbling with your app is to secure it, either using Windows file
permissions or Access user-level security or a mixture of both.

Keith.
www.keithwilby.com

Aug 29 '08 #4

P: n/a
^^@Keith,

Thats not entirely true - you can also use cryptography on the fields
if you wish (although it is a lot of work), and there are other ways
of introducing security into db if you need to go down that path.

My point is simply that the IT guy has acted inappropriately and
possibly thoughtlessly. Access security isnt really secure, and if you
really want to make something secure then you need to do a risk
assessment to determine an appropriate level of security to implement.
Its not that hard, it just takes a little forethought and planning,
which is apparently what your IT guy failed to do.

I would certainly take Keiths advice and get hold of an old backup. I
would also want to have a suitable backup mechanism built into the
application itself and not have to rely solely on the IT guy to handle
this given the current situation. It is possible to make
cryptographically secure backups too. It all depends on if you need
all that stuff. Maybe the IT guy was just playing.

Cheers

The Frog

Keith Wilby wrote:
"sparks" <sp****@comcast.netwrote in message
news:64********************************@4ax.com...
We have a database with NO security on a network drive.
Seems that some IT person went in and created a security.mdw
Now no one can log into the database.

Is there a way to get rid of this and get the database back to a
normal shared database?

Restore it from your most recent backup? The only way you'll stop someone
from dabbling with your app is to secure it, either using Windows file
permissions or Access user-level security or a mixture of both.

Keith.
www.keithwilby.com
Sep 1 '08 #5

P: n/a
"The Frog" <Mr************@googlemail.comwrote
A blowtorch and a pair of pliers?
Overkill. The quote may be apocryphal, or it may have been said by someone
else _about_ LBJ, "When you got 'em by the b***s, their hearts and minds
will follow."

That said, I've been in the business a long time, and never encountered an
IT person who would secure an application from its owner/users unless
directed to do so by management or unless the IT person thought there was an
emergency that made it a _compelling need_ to do so*. It is certainly
something that you ought to take up with IT, or, even better, that your
manager ought to take up with a corresponding-level manager in IT.

* that's not to say that there isn't such a person, somewhere, but
I've worked with some pretty ditsy ones over the years and
haven't encountered any

Larry Linson
Microsoft Office Access MVP
Sep 2 '08 #6

P: n/a
I had the pleasure of working with one once. It was someone in a
security firm who made the decision that he was going to 'secure'
everything and the business be damned. Unfortunately for him he didnt
make any backups or even export the cryptographic keys and credentials
before 'activating' his master work, and of course you cant actually
make yourself a log-in if your credentials are stored in an encrypted
system and you need them to get into that very system.....

Then there was the second attempt by this 'expert' to create a 'safe'
operating environment for 'his users' where he established each user
account as a guest account - including the administrator. Lovely stuff
and I am really glad that I am not entirely sure how he managed this
master stroke.

The final stretch of genious that I saw from this very special
'expert' was when he finally decided, after threat of being fired, to
run regular backups on the servers, and to have the backups stored off-
site. Pretty reasonable one might think. Enter the last stroke of
genious, the backups were stored on cryptographicly secured drives on
a RAID array, which were swapped out as needed. Not my preferred
choice, but it could work, except that when the servers did crash it
does help to have the appropriate cryptographic certificates to be
able to read ones drives again doesnt it?

I am not entirely sure what became of this man, however I am quite
aware that he managed to destroy a company by his incompetence. I am
sure he meant well, he was just an idiot who didnt think about the
consequences of his actions. I do believe that there exists a group of
perople that are willing to experiment with other peoples toys not
knowing really what they are doing. I do hope in this case that the
OP's IT person acted with good reason and cause, and has the common
sense to handle things appropriately. However, when I see actions such
as this I cant help but feel that 'fiddling' has taken place - and
probably shouldn't have - just the same.

I cant imagine a reason that someone would encrypt a database without
telling the 'owner' if it was a risk when the database in this case is
a file that can be placed onto a DVD or tape or mobile HD, USB key or
whatever and temporarily removed from the 'offending' system entirely.
Safer, easier, and not problem to then later do a proper risk
assessment and implementation of appropriate security measures. I am
afraid that the actions of the IT person in question will always seem
either a deliberate dogs act or one of ignorance that shouldn't have
been acted on.

Just my 2 cents

The Frog
Sep 2 '08 #7

P: n/a
Well we are caught between a rock and a hard place.
First IT denies everything.. I asked who created this file.
WE DONT KNOW.

then we check the person who owns the file, I am assuming as soon as
she logged in she took ownership..Its the girl doing the data entry.
How did you log in, what username and password...
I JUST HIT RETURN RETURN and it opened.
That is what she told the IT department.

IT then said maybe it just appeared... I said no, someone had to
create it.

now someone had to go into security and set it up..It looks like you
can do it with no username and password on the security, at least that
is what they are saying. They have the whole directory copied into
some secure server for now and no one can see it.

On Thu, 28 Aug 2008 18:55:21 GMT, sparks <sp****@comcast.netwrote:
>We have a database with NO security on a network drive.
Seems that some IT person went in and created a security.mdw
Now no one can log into the database.

Is there a way to get rid of this and get the database back to a
normal shared database?
Sep 2 '08 #8

P: n/a
sparks wrote:
Well we are caught between a rock and a hard place.
First IT denies everything.. I asked who created this file.
WE DONT KNOW.

then we check the person who owns the file, I am assuming as soon as
she logged in she took ownership..Its the girl doing the data entry.
How did you log in, what username and password...
I JUST HIT RETURN RETURN and it opened.
That is what she told the IT department.

IT then said maybe it just appeared... I said no, someone had to
create it.

now someone had to go into security and set it up..It looks like you
can do it with no username and password on the security, at least that
is what they are saying. They have the whole directory copied into
some secure server for now and no one can see it.
Security cannot be done by accident. If some people (even one) can open the
file without providing a username and password then the file is not secured.
The mere presence of a security.mdw file means nothing at all. A user will
not utilize an MDW file unless they go out of their way to do so.

--
Rick Brandt, Microsoft Access MVP
Email (as appropriate) to...
RBrandt at Hunter dot com

Sep 2 '08 #9

P: n/a
Hi Sparks,

Dont take the file ownership thing as an absolute in this case either
- it is something that can be taken by someone and depending on the OS
also given to someone.

My suggestion is to not hit the panic button just yet. Can you get in
to the application and work with it? Can you see the data in the
tables? If you can the first thing I would do is to get a dump of the
database completely, everything. If you need help with that just drop
us a note here and I am sure some of us will be able to get you moving
in the right direction.

Rule #1: Make a backup of your data - make it safe - make it
regularly.

Cheers

The Frog
Sep 3 '08 #10

P: n/a
"The Frog" <Mr************@googlemail.comwrote
I am not entirely sure what became of this man,
however I am quite aware that he managed to
destroy a company by his incompetence. I am
sure he meant well, he was just an idiot who
didnt think about the consequences of his actions.
It's possible that he got a starring role in the training video "Adjusting
attitude with the common 2X4."
Sep 5 '08 #11

This discussion thread is closed

Replies have been disabled for this discussion.