Link to home
Start Free TrialLog in
Avatar of drtrmiller
drtrmiller

asked on

(Fun, interesting topic) How secure would it be to. . .

Never mind the absurdity of it:

But how *secure* would it be to use and develop a split Access 2007 database by having 100% of the database components on a local computer and installing a virtual machine using the Windows Vista OS that is essentially crippled with security features (no context menus, no execution of applications, no registry access, Access runtime-only installed, the list goes on. . .), with a remote connection between the client virtual machine to a file share managed by advanced Windows file permissions on the local machine negotiated by a virtual private networking utility called "Hamachi" wherein the users may be granted access to the network, blocked, or banned, and must always be approved before being added to the VPN, and having a further split back-end database that runs perhaps once daily based off of append and update queries so as to manage having multiple clients' tables with permissions set on a per-client basis (CLIENT A + CLIENT B = MASTER)?  

Each virtual machine would be associated with negotiating a connection to a separate front-end Access database application on the VPN Local Machine and this front-end database would be password encrypted, compiled in the .accde format, and have internal script-based security for authenticating users periodically ("Are you still there?  Please enter your pin.").

One obvious advantage of this is the ability to update the client application as needed and monitor client access to the application in real-time.  Just like the internets!!

So. . .

How secure is this implementation?  Any other considerations?

Thanks!!
Avatar of Kelvin Sparks
Kelvin Sparks
Flag of New Zealand image

Access 2007 is not a secure environment.

You can manage it to a degree by controll access to a folder - you're either in or out - which is much what your suggesting but using a machine for that.

Once in, you have virtually no control over who does what.

If you're that concerned, use SQL server (correctly setup) to manage the backend with an Access front end.

SQL Server 2005/2008 Express (free) would do better than what you're suggesting.


Kelvin
ASKER CERTIFIED SOLUTION
Avatar of thenelson
thenelson

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial