• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2186
  • Last Modified:

How to prevent user copy database to local on Lotus Notes?

I want to forbid user to make a copy or relicate to their local drive, as it's easy to open it if you don't copy with ACL, even you can open on different server with different id file, it's very danger if the database information are most security. I know the feature is appear on R6, but can I have any method to do it? Thanks for your help!!
0
kkshum
Asked:
kkshum
  • 5
  • 3
  • 3
  • +3
4 Solutions
 
madheeswarCommented:
U don't have any method to stop from copying.

Unless and untill u make default access as No Access.
0
 
CRAKCommented:
It probably doesn't protect your data, but in a view's QueryOpen, you could check the database' server. If it returns "", set Continue=False and it won't open the view.
Ergo: you can't open the database as it wants to open a view.
0
 
CRAKCommented:
PS:
You will need to hide the design as well, as users may bypass execution of the script using the debugger!
(Better try first before you hide the design! There's no way back!)
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
RanjeetRainCommented:
There is NO WAY to stop a DATABASE > New Copy command.

There is also NO WAY to stop a user from creating an agent that does a raw copy of the data in your documents are keep it in a different database based on a different form.

My argument is: if you have dishonest users, you CANNOT prevent/stop data copying. What at best you can do is, make it as difficult as you can for teh person.

To prevent Database level copying -- CRAK has a good idea. Put some script in the Database Scripts section and it wont allow the a novice user to open the database from a local copy.

To prevent Document level copying -- Use the same method, but put the code in QueryOpen of teh form. That will deter a bit sophisticated users, who can do document level copy.

To defeat all threats, you may combine the tricks and use them.

But at the end of it, if i want to steal the data, only a survillence camera can help. Because raw copy of data value can not be stopped. If I can read teh data, I can copy it with an agent/manually.
0
 
Andrea ErcolinoCommented:
You have to look at it as a Notes feature, rather than a security breach: if Person can access Database then Person can copy Database, with or without the ACL (because for Person the ACL is an open door by hipothesis).

So if you want to protect your data you have to implement access restriction policies, based on ACL + groups + roles + access restriction to specific design elements + Readers field in documents (+ Encryption for extremely sensitive data)

From Designer Help:
---
users with Editor access or above in the ACL can be restricted from reading documents if they aren't included in a Readers field.
---

So if someone who has Reader access in the ACL of a Database, copies the database with no ACL, they get Manager access in the ACL of the copy but Readers fields still protect data, and if they replicate the remote database they don't replicate at all data protected by Readers fields
0
 
CRAKCommented:
> There is NO WAY to stop a DATABASE > New Copy command.

You're right. I forgot to mention that.
My earlier post only makes it hard for users to open their local database when they have obtained their local copy.
0
 
kkshumAuthor Commented:
so Would you please tell me how to do this step by step? As I am experience on Domino Administration, not development. Thanks!
0
 
CRAKCommented:
I used to start off with a new script library. E.g. called "Security".
In it I created this function:

Function AbortLocal As Variant
      Dim Session As New NotesSession
      Dim Db As NotesDatabase
      Set Db=Session.CurrentDatabase
      If Db.Server = "" Then
            AbortLocal = True
      Else
            AbortLocal = False
      End If
End Function

In each view I added following code....
Under "Options":
   Use "Security"

In "QueryOpen":
   Continue = AbortLocal

However, it appeared NOT to work in R6.5 just now so I tried an alternative:

Under Database script (not in a view), in the PostOpen event:

@If(
   @Subset(@DbName; 1) = "";
   @Command([FileCloseWindow]);
   @Return("")
)

It didn't open on Local using that one!
Do note that you may need to add a few extras if the database is also accessed through the web!

As there's no debugger for @-functions, hiding the design is not neccessary.

To my fellow experts:
Did I miss something (any way to bypass this code), or is this safe enough to prevent accessing the database?
0
 
RanjeetRainCommented:
CRAK, i found something for you.

wrt you R 6.5 code, that code fails if you do a DATABASE > GO TO... and select a view. I do not know why it opens the DB that way.
0
 
kkshumAuthor Commented:
How can I create script libaray?the database just a form which typing information here
0
 
madheeswarCommented:
U need Designer for creating script libraries. U should be manager to the database in the ACL.
OPen the db in Designer and click on others. And click on Script libraries and write your code.
0
 
kkshumAuthor Commented:
Where should I put the following code in, in script library "security" or a form of my database  

In each view I added following code....
Under "Options":
   Use "Security"
0
 
RanjeetRainCommented:
>> U should be manager to the database in the ACL.

Designer access will do.
0
 
CRAKCommented:
Thanks Ranjeet. Any clue on wht my 1st attempt failed? I'm pretty sure I have used similar stuff before and got it to work too!
0
 
marilyngCommented:
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 5
  • 3
  • 3
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now