Tuesday, May 08, 2007

Security In Access 2007

Workgroup security has been dropped from Access 2007, which I personally see as a big negative.

In many Access applications users can create new objects at runtime, such as queries, forms and reports. A compiled MDE/ACCDE will not cut it as you can't protect your developer objects and code, and allow users to create their own objects. In prior versions of Access 2007, you could selectively protect developer objects and give users permissions to create new objects, using the very robust Access workgroup security features. This means that many of my Access application and add-ins will not be distributed in the Access 2007 format. One wonders if the Microsoft Access development team considers the views of developers and users.

Having said this, MSDN has just published an article by MVP and fellow-Aussie, Garry Robinson, Security Considerations and Guidance for Access 2007, which is the first comprehensive discussion of security in Access 2007.

Gary has also written a valuable book on pre-Access 2007 security: Real World Microsoft Access Database Protection and Security.

No comments: