The Access security warning system was changed and further enhanced with the release of Access 2007 and improved again with version 2010 making this even simpler to use as you now decide if you want to ‘Trust‘ your Access Database making all other security elements automatically trusted for you.
The encryption technology within Microsoft Access 2010 is certainly the most sophisticated yet and covers the wider range of the MS Office suite too and for the first time Microsoft also provides you with the option to implement a third party encryption tool giving you the greater freedom and further choice in how you protect your databases.
If you had used the security features in the earlier versions of Access (pre 2007), you had to make a series of choices when your database opened. For example, you had to choose between the security levels (Low, Medium, or High), and whether you wanted to run potentially unsafe code or not. Now, you no longer have to make those kinds of decisions when you open a database in Access 2007/2010. By default MS Access disables all the potentially unsafe code or other components to your database, regardless of the version you used to create that database.
Access Security Warning: Decide Whether To Trust Your Access Database
When you open your database, the system will automatically display a message bar at the top with the warning to optionally enable your database. Of course, you can disable this warning altogether which is a strategy to handling the Access security warning.
So what are the key points to making that all important choice? Here are some pointers for you:
- User roles, setting the goal – You can still open a database file if you have not trusted or enabled the security warning as this will only disable the actions (namely the VBA code and macros) leaving it in a safe environment for you to view your data.
- Internal company wide policy – You may have an alternative security policy and back-up systems in place which may well negate the added benefit of using trusted locations in the first place. Also, if the firm’s policy is to only allow internal Access database files to be used and it is prohibited for users to upload or receive external accdb/accde/mdb/mde files then security can be relatively relaxed here.
- External database files – If you do use files received from unknown authors and you need to utilise the data, then allocate a folder and make this not trusted so it’s a clear warning for users to make that choice and at least have access to the data only. You can then decide if you want to trust the database and expose any actions that may be a potential threat (programming hackers at worst!) perhaps on a stand-alone or no connected workstation.
As already mentioned, Microsoft Access 2010 contains stronger encryption technology than previous versions, using a more sophisticated algorithm to give your databases the highest possible level of security. The creation of a digital password encrypts the data and makes it unreadable by other tools unless the correct password is entered. This new technology is also available to users of Access 2007 and it is a simple matter to remove the old password system and install the new encryption technology in its place.
If you are still using an mdb file (pre Access 2007), then this is a major consideration for upgrading to the accdb file format though I appreciate there are other reasons why one would remain with older JET engine if the migration process is not as straight forward as one would expect.
In all cases, the Access security warning feature will always provide a little extra layer of protection and if a database has been well designed, one could argue if your coding has already dealt with this important aspect in the first place.
Designing good Access forms starts here especially if you are new to this powerful application by taking action now and consider my eBook on How to Build Access Database Forms which offers great value and a money back guarantee.