Written for Access 97, 2000,
2002, 2003 500 Pages
Buy The Book Online
Garry Robinson, Microsoft Access Author and Developer
Read about database backups in the Sample
Or use a search engine to look for the ISBN
1590591267 or 1-59059-126-7
to read more about the book at Apress, the publishers web site.
|Click picture to enlarge|
Figure 1 - There is a separate demonstration database for all Access versions.
How the Chapters Are Structured
|An introduction describes what you can expect to find in the chapter.|
|A separate overview for the IT manager, the DBA, and the developer discusses issues and includes download examples relevant to each group.|
|Where possible, the easy material appears near the beginning of the chapter.|
|Where the material is relevant to the DBA or is difficult
to describe in words,|
graphics accompany the material.
|At the end of each chapter is a list of all the relevant
Internet or help|
material. You will need to visit a Web page for the actual links to the pages.
|I have set it up this way in case the location of the material changes.|
|Each chapter closes with a summary of discussions
throughout the chapter|
and an introduction to the next chapter.
Find Out How to Protect Your Investment
This book aims to achieve a lot more than helping you keep
people from stealing your database or code. Itís all about doing things that
will protect the investment that you made in your database. To help achieve
this, this book has extensive coverage on issues such as
ē Appropriate database options.
ē Good programming practices, such as splitting databases and error handling.
ē Backing up and recovering databases, tables, and objects.
ē User surveillance.
ē Setting up, implementing, and protecting your Access menus.
What Are People Saying About The Book
Danny Lesandrini from DatabaseJournal.com says "If you need a solid method for securing your Access databases that goes beyond what you might glean from the help file or from basic Access books, then you need this book." Read More Danny also reviewed the book for Smart Access in May 2004 and concluded "Simple protection". That's the objective of this book and an objective achieved.
Judy Misra - International Ministries Contact List Manager
By the way, I also have your book on Access Database Protection and Security. I knew nothing about securing databases and needed to learn as we have people working in very sensitive areas where the contact information we have could result in people being the subject of attacks. Several times our laptops have been stolen. I bought your book as soon as it was available and am very grateful that you took so much effort to present this information.
Thanks for all the great teaching Judy
If Garry Robinson's must-have and spot on target book on Access Security has one fault it is that it does not discuss the use of Visual Source Safe for backing up, restoring, administrating and protecting data, design and code. But then nothing is perfect.
This is one of the most useful books that the Access developer can have on the shelf and it easily knocks Ken Getz's Access Developer Handbook's and Access Cookbook out of pole position. It is not for the novice and will not help the novice who is still struggling with the deluge of jargon that is the steepest part of an Access Developer's learning curve. You are expected to be proficient with VBA code, network permissions, security issues and other intermediate and advanced topics.
But for the developer who is within reach of his goals, it is quite simply a goldmine of ideas, clear thinking, good practice and reliable standards. Everything works and is the best that Access can offer, and the sample code is well written, precise and easy to understand. It is not just the overt content that is so valuable to an Access Developer, nor the eminently reusable code and samples. It is the thinking. This is how the job should be done, this is the approach you need to make your services valuable to employers and clients.
The writing is to the point and intelligent and can be swallowed and digested in large chunks. Garry's prose is refreshingly free of puerile puns for wannabe nerds: He does not say that Access 'rocks' nor that such and such a feature is 'cool', he just says that Access, despite its faults is a great tool for getting the job done. The sheer fact that Access DOESN'T rock, that it ISN'T cool makes this book so valuable. It allows you to overcome some of the serious shortcomings that are inevitable in a product that is part of Microsoft Office even when it's use, by chance or design (it doesn't matter), has far outstripped its modest origins.
To start professionally developing with Access you need only three books: Ken Getz et al's Access Cookbook (O'Reilly), Ken Getz et al's Access Developer Handbook (Desktop and Enterprise Editions) and Garry Robinson's Real World Access Security. You will be safe ignoring the rest.
To be a good Developer you have to love learning and Garry's book is the icing on the cake. Once you have implemented his recommendations on live production databases, you can consider yourself a pro. No further qualification is needed
Cynthia - A Kiwi living in New York - All is well - database is running beatuifully. Thanks again for all your help. I have learned so much from this project and much of that is due to your book. Read review at Indigo Books
Mike Gunderloy writes in the Developer Central magazine REAL WORLD MICROSOFT ACCESS DATABASE PROTECTION AND SECURITY, by Garry Robinson (Apress): Didn't think Access security was difficult enough to require a book? Think again; Garry goes through the whole convoluted mess in detail, touching on so many security-related topics that he doesn't even get to the basics of workgroup security until several hundred pages in. His innovative techniques and plain sneakiness will help you protect your data, your object designs, or both, from all but the most sneaky of hackers. There's plenty of sample source code (which you can download) and practical advice here. [Access 97-2003]
-Access Trainer I actually went over the book again just the other day
as I had to put a security proposal together for a client. You did a great
job explaining all the aspects of security, I especially like the way you
explained that the workgroup contains the users and the groups while the
object permissions are set in the database itself. I gave my client
several recommendations, in the first option I recommended creating the
developer users and leaving the generic Admin account, I think this is a
great first step...
Merril For whatever itís worth, Iím on chapter 10. Itís one hell of a book. Thanks.
Peter De Baets Access Group Discussions ...
Helen Feddema - Woodies Access Watch and Author Yes, I have received it, and I have found it very useful already. Personally, I hate security and avoid it at all costs, but sometimes it is necessary, and this book is an invaluable resource for all Access security questions (you can quote me on that!). Helen's favorite books
Robert Cooke Access MVP - I liked
your book very much as it goes beyond being a book on Access protection
and security and covers good management and housekeeping techniques as
well that any Access developer needs to know (e.g. Chapter 5). Going
beyond just the essential MDE/Workgroup/Split database techniques you go
in depth on these and cover all of the requirements to secure an Access
database. I also like the split in perspectives (i.e. Developer/DBA/IT
Manager) which is novel and helps the developer more than anyone in
dealing with the project and their explanations to their Manager! (Though
I wonder how many DBAís administer purely Access databases considering the
average investment in an Access database compared to an SQL/Access
database n tiered system etc.). Having been Developer/DBA/IT Manager and
IT support for small to medium businesses, youíre practical, hands on
The only shortfall (which is minor) I found was that the book only briefly mentions ADPís. ADPís are an evolutionary stepping stone to a fully fledged n-tier SQL/VB solution. As a database grows (I have found 5 or above combined users tilts the cost benefit in its favour) this is considered and adopted by many Access programmers I have come across. I would have covered this in more depth with information on SQL-DMO techniques for managing system stored procedures/permissions etc from the ADP. However, this is another book! No one book can be a definitive source of a topic however for an Access developer this will be a well thumbed essential reference.
Walter from New York Just a quick
note to tell you that I read your book in one day (Iím now doing the
second read through and making notes). As a newbie developer who had just
gotten to the topic of securing my application, I was researching
security. It was very frustrating that I could not find one comprehensive
Viola, I found your book. Excellent resource material.
Alan Cossey from the UK Users Group - 4-Dec-03
I've recently been able to read a new book called, "Real World Microsoft Access Database Protection and Security" by Garry Robinson (also author of the Access Unlimited newsletter) and Rod Gordon has given the OK for me to do a quick review of it on the list server in case it is of interest to anyone else (the subject ought to be!).
It's a wide-ranging book majoring on Jet-based systems. It progresses from what Garry Robinson terms "protection" for Access applications, i.e. avoiding casual or accidental messing with your system, through to much more secure ideas such as workgroup (aka "user-level") security combined with operating system security enhancements (if you have Windows 2000/XP Pro). Though it is set up to allow you to look at individual chapters on their own, I found it well worth reading all the way through from start to finish and shall probably do so again. Though I've spent quite a bit of time looking at Access security over the last couple of years myself, there were quite a few things in this book that I hadn't thought of.
An important point covered in the book is the limitation of some of the "official" security that comes with Access, e.g. workgroup security. If you are relying on this and allowing your users access to your development MDW, prepare yourself for the fright I felt a couple of years ago when I found out that it is possible to retrieve all the user ID's and passwords from an MDW file with ease (and £40). The book explains the problem and how to claw back some of the security to make your Access application a reasonably secure system again.
For me, it is good to have a central source of information about Access security, though the book does provide plenty of links to other sources as well. I've found in my quest to make my own Access apps reasonably secure that I've had to trawl web site after web site after news group to find relevant information. This book brings this information together in a very helpful way.
Weak points: No mention of security with tables linked to ODBC sources (connection strings are easy to read) and a few typos.
Good points: Wide-ranging (I'm tempted to say, "Comprehensive", but I'd be a brave man to use that word with regard to the security of software), plenty of examples, plenty of links. The section on OS-based security makes it easy for me to justify buying the book with my employers. It's one of those books you are glad you own.
Cynthia - Teacher Yes I have received it and I brought it to a class last week and
recommended it, I am teaching another 3 day advanced Access class next week and we spend a 1/2 day looking at security so I will def'n bring it again to class and recommend it. To be honest I haven't had time to go through the whole book but what I have read so far has been good I will
get back to you when I have gone through more of the book.
Ben "I bought your book and am currently up to chapter 4. So far I am enjoying it.
Alissa "I skimmed through it and it looks very easy to follow, jammed with information on just what I was looking for. I can't wait to jump in with the great examples.
Alan "I have
already got my company to order a copy on Amazon. I've already had
my money's worth from some of your tips in the past any way, so I think we
are quits. :-) Wishing you every success"
Fred "thanks for a great newsletter, and your new book sounds really good! i am developing an access add-in that i want to market soon. i'm not sure about one thing, and thought i'd check. will your book help me make my add-in more secure, or is the book more for in-house users for example? wishing you great success,"
To Which Garry Replied If you can package your add-in as an MDE, then you are well on the way to protecting forms, reports and modules. If not then you definitely need to get the low down on workgroup security because any startup option protection is only good with some workgroup security. There is also some detail on MDE format in chapter 11 plus software to build the mde database automatically for you.
Graham "Congratulations Garry on the publication of your book. I have placed an order with Amazon.ca and will notify you when the delivery is made. I will of course add my views to the Amazon site. The book sounds exactly what I want for my latest project so I am very excited to see it. Thanks for all that you do to make Access an enjoyable tool to work with and for your advice in the past."
Allen Browne - Access MVP "Congratulations on completing a project in a most interesting area. I look forward to a good read."
Cynthia "I teach Access to
various companies and I am frequently asked to recommend reference books.
Security has always been an important and hot topic and I have quite a few
books that address the issue but none very well."
To Which Garry Replied "The Access Developers Handbook enterprise edition covers User-Level security programming in great detail and is a complimentary extension to my book".
Quotes and Grabs
If you are interested in telling a friend about this book or you are doing a review of this book for a magazine or an online book store, here are some quotes from the book that you may use.
From Chapter 1: The Access Protection and Security Driving Instructions
"To make any security fail-safe, you need to combine
protection measures and touch that up with operating system security, all that while understanding the flaws of an old and popular product such as Access."
"If you want to secure the forms, reports, and modules in your database, there is no better and quicker way to do so than to convert your database to the compiled format, called the MDE format."
"To preclude some of your fellow network users from opening your database, your best option is to use the operating system to restrict the people who will actually have access to the database."
"Developers really should understand and experiment with Windows XP and 2000 folder permissions and become proactive with your clients to ensure that they are protecting databases in the best possible way."
Sidebar - Writing A Computer Book
Writing a computer book is not for the faint hearted. First of all you need a
robust bank balance and then you need a well researched plan for the book based
on a fundamental need for sizable audience. Of course you need a publisher and
you probably need a lot of experience writing and the will power to do it for a
long time. Once you have those things in place, you will need more than 200 very
long days to grind out the content. Whilst this is happening you will need a lot
of support from your partners, family and friends and if some of those tell you
that they never thought you could write a book, and then you will have the drive
to prove them wrong. When you get to the end of the book, the biggest
beneficiary of the book will probably be yourself because you will know what to
do when your clients step up to the plate for your expertise. Finally if your
audience can also use your book to achieve the same result with their company or
clients, then you should find that the pain will all be worthwhile and hopefully
the back balance will start to swell again. Garry
Sidebar - Writing A Computer Book
Writing a computer book is not for the faint hearted. First of all you need a robust bank balance and then you need a well researched plan for the book based on a fundamental need for sizable audience. Of course you need a publisher and you probably need a lot of experience writing and the will power to do it for a long time. Once you have those things in place, you will need more than 200 very long days to grind out the content. Whilst this is happening you will need a lot of support from your partners, family and friends and if some of those tell you that they never thought you could write a book, and then you will have the drive to prove them wrong. When you get to the end of the book, the biggest beneficiary of the book will probably be yourself because you will know what to do when your clients step up to the plate for your expertise. Finally if your audience can also use your book to achieve the same result with their company or clients, then you should find that the pain will all be worthwhile and hopefully the back balance will start to swell again. Garry
Thanks for having a look at my book page and don't forget my popular newsletter to keep up to date with all the latest. Garry Robinson