Securing Your Database with Microsoft Access

It’s important to realize that Microsoft Jet security is always enabled — every time a user performs any action, Microsoft Jet first checks to make sure the user has sufficient permissions to perform that action. However, most Microsoft Jet users never realize that they are logging on and never see a security-related message. How does this happen? This is because the Users group (the default group the contains the default Admin user account) has full permissions for all objects in a database.

This arrangement works well because there are no “back doors” that allow a user to open a Microsoft Jet database without security being in effect. Applications that don’t need the engine’s security services still use it, even though it’s not apparent.

If you’re using Microsoft Jet with Visual Basic, you can run your application without a workgroup information file. In this case, all users are logged on as the default Admin user. In an unsecured environment, this account has full permissions. In a fully secured environment, the default Admin user doesn’t have any permissions and is not able to use the Microsoft Jet database. To use security from a Visual Basic application, first set up security using Microsoft Access, and then create a Registry entry for your application that points to your workgroup information file.

To establish security successfully, you need to do some advance planning. Make a list of all of the potential users of your applications, logical groupings of those users, and the operations that each group should be able to perform. Then map this information to the Microsoft Jet security model of users, groups, and object permissions.

Securing your database is a multiple-step process that replaces the default users and groups with your own secure set of users and groups. This section outlines each of these steps.