How to prevent user copy database to local on Lotus Notes?

I want to forbid user to make a copy or relicate to their local drive, as it's easy to open it if you don't copy with ACL, even you can open on different server with different id file, it's very danger if the database information are most security. I know the feature is appear on R6, but can I have any method to do it? Thanks for your help!!
kkshumAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

madheeswarCommented:
U don't have any method to stop from copying.

Unless and untill u make default access as No Access.
0
CRAKCommented:
It probably doesn't protect your data, but in a view's QueryOpen, you could check the database' server. If it returns "", set Continue=False and it won't open the view.
Ergo: you can't open the database as it wants to open a view.
0
CRAKCommented:
PS:
You will need to hide the design as well, as users may bypass execution of the script using the debugger!
(Better try first before you hide the design! There's no way back!)
0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

RanjeetRainCommented:
There is NO WAY to stop a DATABASE > New Copy command.

There is also NO WAY to stop a user from creating an agent that does a raw copy of the data in your documents are keep it in a different database based on a different form.

My argument is: if you have dishonest users, you CANNOT prevent/stop data copying. What at best you can do is, make it as difficult as you can for teh person.

To prevent Database level copying -- CRAK has a good idea. Put some script in the Database Scripts section and it wont allow the a novice user to open the database from a local copy.

To prevent Document level copying -- Use the same method, but put the code in QueryOpen of teh form. That will deter a bit sophisticated users, who can do document level copy.

To defeat all threats, you may combine the tricks and use them.

But at the end of it, if i want to steal the data, only a survillence camera can help. Because raw copy of data value can not be stopped. If I can read teh data, I can copy it with an agent/manually.
0
Andrea ErcolinoCommented:
You have to look at it as a Notes feature, rather than a security breach: if Person can access Database then Person can copy Database, with or without the ACL (because for Person the ACL is an open door by hipothesis).

So if you want to protect your data you have to implement access restriction policies, based on ACL + groups + roles + access restriction to specific design elements + Readers field in documents (+ Encryption for extremely sensitive data)

From Designer Help:
---
users with Editor access or above in the ACL can be restricted from reading documents if they aren't included in a Readers field.
---

So if someone who has Reader access in the ACL of a Database, copies the database with no ACL, they get Manager access in the ACL of the copy but Readers fields still protect data, and if they replicate the remote database they don't replicate at all data protected by Readers fields
0
CRAKCommented:
> There is NO WAY to stop a DATABASE > New Copy command.

You're right. I forgot to mention that.
My earlier post only makes it hard for users to open their local database when they have obtained their local copy.
0
kkshumAuthor Commented:
so Would you please tell me how to do this step by step? As I am experience on Domino Administration, not development. Thanks!
0
CRAKCommented:
I used to start off with a new script library. E.g. called "Security".
In it I created this function:

Function AbortLocal As Variant
      Dim Session As New NotesSession
      Dim Db As NotesDatabase
      Set Db=Session.CurrentDatabase
      If Db.Server = "" Then
            AbortLocal = True
      Else
            AbortLocal = False
      End If
End Function

In each view I added following code....
Under "Options":
   Use "Security"

In "QueryOpen":
   Continue = AbortLocal

However, it appeared NOT to work in R6.5 just now so I tried an alternative:

Under Database script (not in a view), in the PostOpen event:

@If(
   @Subset(@DbName; 1) = "";
   @Command([FileCloseWindow]);
   @Return("")
)

It didn't open on Local using that one!
Do note that you may need to add a few extras if the database is also accessed through the web!

As there's no debugger for @-functions, hiding the design is not neccessary.

To my fellow experts:
Did I miss something (any way to bypass this code), or is this safe enough to prevent accessing the database?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
RanjeetRainCommented:
CRAK, i found something for you.

wrt you R 6.5 code, that code fails if you do a DATABASE > GO TO... and select a view. I do not know why it opens the DB that way.
0
kkshumAuthor Commented:
How can I create script libaray?the database just a form which typing information here
0
madheeswarCommented:
U need Designer for creating script libraries. U should be manager to the database in the ACL.
OPen the db in Designer and click on others. And click on Script libraries and write your code.
0
kkshumAuthor Commented:
Where should I put the following code in, in script library "security" or a form of my database  

In each view I added following code....
Under "Options":
   Use "Security"
0
RanjeetRainCommented:
>> U should be manager to the database in the ACL.

Designer access will do.
0
CRAKCommented:
Thanks Ranjeet. Any clue on wht my 1st attempt failed? I'm pretty sure I have used similar stuff before and got it to work too!
0
marilyngCommented:
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Lotus IBM

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.