Real World Microsoft Access Database Protection and Security 

Written for Access 97, 2000, 2002, 2003          500 Pages        Buy The Book Online
This book has seventeen 5 star reviews at Amazon USA and UK and Buy.com and Barnes and Noble. It is the 3rd best rated Access book at Amazon Feb-06

Microsoft Access is the most popular desktop database in the world today, which means that many people have investigated its security measures and some have worked out ways to get around them. Coupled with that, Access is a versatile database designed for both developers and users. When you first set up a database, it comes with all its security turned off and all the developer tools turned on. This book tells you how to turn on the security properly and also shows you how to protect the investment that you have made in the database. This page aims to help you decide if this book is a worthwhile investment for you. Thanks for your interest.

Garry Robinson, Microsoft Access Author and Developer

Here are the front and back covers.        

View the table of contents in PDF format. View the index file in PDF format.
Microsoft has made this a recommended Security Book, read more...
FMS recommend it as an important Access text. Read more
The full chapter on startup options can be found at MSDN. 
http://msdn.microsoft.com/library/en-us/dndbdes/html/chapter2accessprotectionsecurity.asp

Read about database backups  in a number of online samples
Read a Sample from Chapter 1 that was featured in Woodies Access Watch
Read an Article featured at Microsoft MSDN on how to setup Windows Folder Protection
Read the supplementary material on Windows XP Security
Read the foreword by Peter Vogel - Editor of Smart Access
Read reviews at DatabaseJournal.com or at Barnes and Noble  or at Amazon or Woodies Access Watch

Purchase the book and read more about it at the following online book stores

Or use a search engine to look for the ISBN  1590591267 or 1-59059-126-7

Key Reasons Why You Would Want To Read This Book

Click here to read more about the book at Apress, the publishers web site.  

The Intended Audience and the Demonstration Material

The goal of the material in this book is to improve Access protection and security, and, as a result, the material in the book does not target a particular skill level, such as developer or DBA. More than half of the book is at a level that a competent Access DBA could manage, and, where possible, I have set up the more complex demonstration examples as plug-and-play forms.  Naturally, because I regularly write for developers’ magazines, there are many examples that will keep the very skilled end of town happy. In normal Access book classification, one could classify 40% of the material as being for intermediate level and 50% for advanced level. The other 10% is aimed at the IT Manager because that person needs to be aware of the pros and cons of each protection and security method so that they remained fully  informed about the security implications of this important business tool.

Another design criteria of this book was to help you protect and secure any Access database created with Access 97 through to Access 2003 and beyond. In addition, the download samples (as shown in Figure 1), where possible, will work unchanged with the different versions of Access. There is a separate download database for each version of Access and where possible, additional samples have been added if changes have been made to Access. This particularly applies to Access 2002/2003.

Figure 1 - There is a separate demonstration database for all Access versions.

How the Chapters Are Structured
 

Find Out How to Protect Your Investment

This book aims to achieve a lot more than helping you keep people from stealing your database or code. It’s all about doing things that will protect the investment that you made in your database. To help achieve this, this book has extensive coverage on issues such as

• Appropriate database options.
• Good programming practices, such as splitting databases and error handling.
• Backing up and recovering databases, tables, and objects.
• User surveillance.
• Setting up, implementing, and protecting your Access menus.

What Are People Saying About The Book

Read the review at Access Database tips
http://www.accessdatabasetips.com/my-favourite-access-books.html

Judy Misra - International Ministries Contact List Manager

By the way, I also have your book on Access Database Protection and Security.  I knew nothing about securing databases and needed to learn as we have people working in very sensitive areas where the contact information we have could result in people being the subject of attacks.  Several times our laptops have been stolen.  I bought your book as soon as it was available and am very grateful that you took so much effort to present this information. 

Thanks for all the great teaching  Judy


Andrew Wrigley

If Garry Robinson's must-have and spot on target book on Access Security has one fault it is that it does not discuss the use of Visual Source Safe for backing up, restoring, administrating and protecting data, design and code. But then nothing is perfect.

This is one of the most useful books that the Access developer can have on the shelf and it easily knocks Ken Getz's Access Developer Handbook's and Access Cookbook out of pole position. It is not for the novice and will not help the novice who is still struggling with the deluge of jargon that is the steepest part of an Access Developer's learning curve. You are expected to be proficient with VBA code, network permissions, security issues and other intermediate and advanced topics.

But for the developer who is within reach of his goals, it is quite simply a goldmine of ideas, clear thinking, good practice and reliable standards. Everything works and is the best that Access can offer, and the sample code is well written, precise and easy to understand. It is not just the overt content that is so valuable to an Access Developer, nor the eminently reusable code and samples. It is the thinking. This is how the job should be done, this is the approach you need to make your services valuable to employers and clients.

The writing is to the point and intelligent and can be swallowed and digested in large chunks. Garry's prose is refreshingly free of puerile puns for wannabe nerds: He does not say that Access 'rocks' nor that such and such a feature is 'cool', he just says that Access, despite its faults is a great tool for getting the job done. The sheer fact that Access DOESN'T rock, that it ISN'T cool makes this book so valuable. It allows you to overcome some of the serious shortcomings that are inevitable in a product that is part of Microsoft Office even when it's use, by chance or design (it doesn't matter), has far outstripped its modest origins.

To start professionally developing with Access you need only three books: Ken Getz et al's Access Cookbook (O'Reilly), Ken Getz et al's Access Developer Handbook (Desktop and Enterprise Editions) and Garry Robinson's Real World Access Security. You will be safe ignoring the rest.

To be a good Developer you have to love learning and Garry's book is the icing on the cake. Once you have implemented his recommendations on live production databases, you can consider yourself a pro. No further qualification is needed

Cynthia - A Kiwi living in New York - All is well - database is running beatuifully. Thanks again for all your help. I have learned so much from this project and much of that is due to your book. Read review at Indigo Books

Danny Lesandrini from DatabaseJournal.com says "If you need a solid method for securing your Access databases that goes beyond what you might glean from the help file or from basic Access books, then you need this book." Read More Danny also reviewed the book for Smart Access in May 2004 and concluded "Simple protection". That's the objective of this book and an objective achieved.

Mike Gunderloy writes in the Developer Central magazine REAL WORLD MICROSOFT ACCESS DATABASE PROTECTION AND SECURITY, by Garry Robinson (Apress): Didn't think Access security was difficult enough to require a book? Think again; Garry goes through the whole convoluted mess in detail, touching on so many security-related topics that he doesn't even get to the basics of workgroup security until several hundred pages in. His innovative techniques and plain sneakiness will help you protect your data, your object designs, or both, from all but the most sneaky of hackers. There's plenty of sample source code (which you can download) and practical advice here. [Access 97-2003]

Read Sarahs 5* Review at Amazon UK or any of the 5* reviews at Amazon USA

Cyntia Wallen -Access Trainer I actually went over the book again just the other day as I had to put a security proposal together for a client. You did a great job explaining all the aspects of security, I especially like the way you explained that the workgroup contains the users and the groups while the object permissions are set in the database itself. I gave my client several recommendations, in the first option I recommended creating the developer users and leaving the generic Admin account, I think this is a great first step...

Merril  For whatever it’s worth, I’m on chapter 10. It’s one hell of a book. Thanks. 

Peter De Baets Access Group Discussions ...

Helen Feddema - Woodies Access Watch and Author Yes, I have received it, and I have found it very useful already. Personally, I hate security and avoid it at all costs, but sometimes it is necessary, and this book is an invaluable resource for all Access security questions (you can quote me on that!). Helen's favorite books

Robert Cooke Access MVP - I liked your book very much as it goes beyond being a book on Access protection and security and covers good management and housekeeping techniques as well that any Access developer needs to know (e.g. Chapter 5). Going beyond just the essential MDE/Workgroup/Split database techniques you go in depth on these and cover all of the requirements to secure an Access database. I also like the split in perspectives (i.e. Developer/DBA/IT Manager) which is novel and helps the developer more than anyone in dealing with the project and their explanations to their Manager! (Though I wonder how many DBA’s administer purely Access databases considering the average investment in an Access database compared to an SQL/Access database n tiered system etc.). Having been Developer/DBA/IT Manager and IT support for small to medium businesses, you’re practical, hands on experience shows!

The only shortfall (which is minor) I found was that the book only briefly mentions ADP’s. ADP’s are an evolutionary stepping stone to a fully fledged n-tier SQL/VB solution. As a database grows (I have found 5 or above combined users tilts the cost benefit in its favour) this is considered and adopted by many Access programmers I have come across. I would have covered this in more depth with information on SQL-DMO techniques for managing system stored procedures/permissions etc from the ADP. However, this is another book! No one book can be a definitive source of a topic however for an Access developer this will be a well thumbed essential reference.

Walter from New York Just a quick note to tell you that I read your book in one day (I’m now doing the second read through and making notes).  As a newbie developer who had just gotten to the topic of securing my application, I was researching security.  It was very frustrating that I could not find one comprehensive source.  Then, Viola, I found your book.  Excellent resource material.

Alan Cossey from the UK Users Group - 4-Dec-03
I've recently been able to read a new book called, "Real World Microsoft Access Database Protection and Security" by Garry Robinson (also author of the Access Unlimited newsletter) and Rod Gordon has given the OK for me to do a quick review of it on the list server in case it is of interest to anyone else (the subject ought to be!).
 
It's a wide-ranging book majoring on Jet-based systems. It progresses from what Garry Robinson terms "protection" for Access applications, i.e. avoiding casual or accidental messing with your system, through to much more secure ideas such as workgroup (aka "user-level") security combined with operating system security enhancements (if you have Windows 2000/XP Pro). Though it is set up to allow you to look at individual chapters on their own, I found it well worth reading all the way through from start to finish and shall probably do so again. Though I've spent quite a bit of time looking at Access security over the last couple of years myself, there were quite a few things in this book that I hadn't thought of.
 
An important point covered in the book is the limitation of some of the "official" security that comes with Access, e.g. workgroup security.  If you are relying on this and allowing your users access to your development MDW, prepare yourself for the fright I felt a couple of years ago when I found out that it is possible to retrieve all the user ID's and passwords from an MDW file with ease (and £40). The book explains the problem and how to claw back some of the security to make your Access application a reasonably secure system again.
 
For me, it is good to have a central source of information about Access security, though the book does provide plenty of links to other sources as well. I've found in my quest to make my own Access apps reasonably secure that I've had to trawl web site after web site after news group to find relevant information.  This book brings this information together in a very helpful way.
 
Weak points: No mention of security with tables linked to ODBC sources (connection strings are easy to read) and a few typos.
 
Good points: Wide-ranging (I'm tempted to say, "Comprehensive", but I'd be a brave man to use that word with regard to the security of software), plenty of examples, plenty of links. The section on OS-based security makes it easy for me to justify buying the book with my employers. It's one of those books you are glad you own.

Cynthia - Teacher  Yes I have received it and I brought it to a class last week and
recommended it, I am teaching another 3 day advanced Access class next week and we spend a 1/2 day looking at security so I will def'n bring it again to class and recommend it. To be honest I haven't had time to go through the whole book but what I have read so far has been good I will
get back to you when I have gone through more of the book.

Ben "I bought your book and am currently up to chapter 4. So far I am enjoying it.

Alissa "I skimmed through it and it looks very easy to follow, jammed with information on just what I was looking for. I can't wait to jump in with the great examples.

Alan "I have already got my company to order a copy on Amazon.  I've already had my money's worth from some of your tips in the past any way, so I think we are quits. :-)   Wishing you every success"

Fred "thanks for a great newsletter, and your new book sounds really good! i am developing an access add-in that i want to market soon. i'm not sure about one thing, and thought i'd check. will your book help me make my add-in more secure, or is the book more for in-house users for example?  wishing you great success,"
To Which Garry Replied If you can package your add-in as an MDE, then you are well on the way to protecting forms, reports and modules. If not then you definitely need to get the low down on workgroup security because any startup option protection is only good with some workgroup security. There is also some detail on MDE format in chapter 11 plus software to build the mde database automatically for you.

Graham "Congratulations Garry on the publication of your book. I have placed an order with Amazon.ca and will notify you when the delivery is made. I will of course add my views to the Amazon site. The book sounds exactly what I want for my latest project so I am very excited to see it. Thanks for all that you do to make Access an enjoyable tool to work with and for your advice in the past."

Allen Browne - Access MVP "Congratulations on completing a project in a most interesting area. I look forward to a good read."

Cynthia "I teach Access to various companies and I am frequently asked to recommend reference books. Security has always been an important and hot topic and I have quite a few books that address the issue but none very well."
To Which Garry Replied "The Access Developers Handbook enterprise edition covers User-Level security programming in great detail and is a complimentary extension to my book".

Quotes and Grabs

If you are interested in telling a friend about this book or you are doing a review of this book for a magazine or an online book store, here are some quotes from the book that you may use.

From Chapter 1: The Access Protection and Security Driving Instructions

"To make any security fail-safe, you need to combine different internal
protection measures and touch that up with operating system security, all that while understanding the flaws of an old and popular product such as Access."

"If you want to secure the forms, reports, and modules in your database, there is no better and quicker way to do so than to convert your database to the compiled format, called the MDE format."

"To preclude some of your fellow network users from opening your database, your best option is to use the operating system to restrict the people who will actually have access to the database."

"Developers really should understand and experiment with Windows XP and 2000 folder permissions and become proactive with your clients to ensure that they are protecting databases in the best possible way."

Bonus Chapter - Why Migrate from Access to SQL Server?

Russell Sinclair and Apress have provided a bonus chapter for the book that describes some of the things to think about when considering upgrading your database to SQL Server. As this may be your approach to securing your data, this chapter and Russell's book may be of interest. Read more here

Web Site Owners Can Sell This Book

Start selling this book as an Amazon Associate and earn individual item commissions. From Amazon "An individual item link to a book discounted 10-30% will earn a referral fee of 7.5% of the sale price if the purchase is a direct sale" To see how to build the link, look at this picture. The ASIN is 1590591267.

Quick/Cheap Online Purchasing
The following button provides the quickest way to purchase the book and most of the time it is close to the cheapest.

Links >>>  Home | Search | Workbench | Orders | Newsletter | Access Security | Access professionals