Sep 23

Build security into your systems part 2

Tips for restricting file access
•Avoid automatically logging in with an account name and password specified in the dialog box
•Using the same password in each file is often convenient when users must interact with several solution files in once session. This no longer works when users change their own password (unless they change them in all files). When you create accounts, you must create them in all solution files.
For convenience, you can define multiple tables in one file. Consider hosting files on a server and using an external authentication server, such as Windows Domain or Apple OpenDirectory.
•If accounts are used by multiple people, change the password on a regular basis. Also, change the account name and password when people leave the group.
•Create a startup file that only interacts with critical files via scripts. The startup file doesn’t store data; instead data is moved to more critical files via scripts. Have users open the file with the default account name and password that restricts access to sensitive data and risky features, like deleting records. The scripts can perform actions you would not provide users access to, like deleting records, by enabling Run script with full access privileges.
•You can set record access privileges to view, edit, and delete certain records within each table. Limit users’ access to specific records based on a number of criteria, for example their department, job title, job responsibilities, and so on.
One thing to note: Limiting access to specific records introduces a much more complicated data access model. Thoroughly test your solution by logging in with different user accounts and evaluating all layouts, reports, and scripts. Be sure to document the specific conditions so users will know what to expect.
•Don’t use layouts for security. The only way to protect files, for example from CGI requests or other sources, is by restricting account access on a field-by-field or table basis.

*Permanently remove the Full Access privilege set and any accounts that are using the Full Access privilege set (including the Admin account). This action cannot be undone. It should only be done when you are certain no one will need to have full access to the file again.

Leave a Reply