Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How to prevent a user from taking an access database out of the building?

Posted on 2007-11-28
6
Medium Priority
?
142 Views
Last Modified: 2010-04-21
We have 3 access databases that are completely confidential and several years old.  Currently the way I have it set up is, I have the 3 databases on our 2k3 file server.  Only one person has access to these files and nearly has full control of the files in the sense that he can read/write/delete to routinely update these databases.  I also have a daily scheduled back-up to back-up the databases to the local C: drive of the file server, which ofcourse no one else has access too.

Ultimately, what I am planning to do is cut access to his CD, USB, and floppy drives, which I'm all perfectly aware on how to do.   This is a limit to some extent of transferring the files elswhere but I still am worried about UNC transfers, since even if I cut access to the workstation's C: drive, you could still transfer thes databases directly from the file server to another workstation that DOES have access to their C: drive.  Also email attachments (powered by exchange 2k3) is another issue.

Database passwords would prevent other employees from somehow getting these databases, but the real concern is if the said person that updates these databases decides to leave the company and take these databases to a competitor, he would ultimately have the ability to do so since he obviously knows the passwords.

Any ideas?
0
Comment
Question by:paintb4707
  • 3
  • 2
6 Comments
 
LVL 22

Accepted Solution

by:
dan_blagut earned 600 total points
ID: 20366245
For that kind of thing the man has made the contract. Because you can't event that you switch on SQL databases, the data can be exported. So talk with your lawyer and put toghether an contract that can protect this data.

Dan
0
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 20366669
I think you don't need to worry about email attachment - databases are usually big and you can simply set a "send" limit on email size. As you mentioned the user can simply go to another machine and copy the database to the c:\ drive so in that case there is nothing much you can do (unless you are going to cut access to ALL usb/cd device etc, which is quite impossible. Also, how do you stop him printing off the report from the database (query) and take it with him?

To be honest I would be more worry he will do "something" to the databases, such as deleting x number of records, put in wrong data, etc to make the database un-usable. Backup to c:\ drive on a machine is also not safe.  What happen if the server gone down completely? You should backup on a removable device so that you can take it offsite in case of diaster.
0
 

Author Comment

by:paintb4707
ID: 20366934
Well, we can see about copyrighting the databases.  Aside from that, is it possible to at least create a disclaimer upon opening the database that says "This database is property of so & so, etc, etc" ?
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 23

Expert Comment

by:ormerodrutter
ID: 20366996
I believe there is a way but will a disclaimer like that really scare people off? Particularly if he/she delibrately "steal" the databases for whatever purpose?
0
 

Author Comment

by:paintb4707
ID: 20367176
Maybe not so much the person stealing the data but the competitor.
0
 

Author Closing Comment

by:paintb4707
ID: 31411435
You're probably right.  Establishing a contract would probably be the only thing left I can do.
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question