Results 1 to 10 of 10

what to do to protect access to applications and resources across the corporate data center

  1. #1
    Tonya Alcantar is offline Advanced Beginner
    Windows 7 32bit Access 2013
    Join Date
    Dec 2014
    Posts
    36

    what to do to protect access to applications and resources across the corporate data center


    As our employees bring their personal devices to work, maintaining control over their applications across corporate data centers and public cloud platforms has become a significant challenge. What solutions could help our IT department to protect access to applications and resources across the corporate data center, as well as monitor suspicious activity to mitigate potential security issues?

  2. #2
    ranman256's Avatar
    ranman256 is offline VIP
    Windows Vista Access 2010 32bit
    Join Date
    Apr 2014
    Location
    Kentucky
    Posts
    7,738
    The IT dept should secure the PCs. One had all external devices locked off. One could not insert a thumb drive to copy data. (nor CDs, etc)
    Settings for cloud, and antivirus' are also good. But it still wont stop dumb@$$s from opening malware on emails.
    and password the db.

  3. #3
    ssanfu is offline Master of Nothing
    Windows XP Access 2010 32bit
    Join Date
    Sep 2010
    Location
    Anchorage, Alaska, USA
    Posts
    8,477
    As ranman said, limit ability to export apps/data as much as possible. Disable CD/DVD drives, USB ports. You can compile Access dBs to avoid the VBA code being changed or design changes.
    Now you have to deal with Cloud platforms. For that there needs to be an audit trail of EVERY file copied/moved/deleted and by which employee.

    My feeling is that this is more an administrative problem.... IT can do only so much.
    Limit the personal devices at the work site. After all, it is work time. No laptops, portable CD/DVD drives or USB devices.
    There must be policies that have severe consequences if they are violated - demotion, time off with no pay, termination and/or criminal charges (if possible).
    If no consequences then......


    My $0.02.............
    HTH
    -----
    Steve
    --------------------------------
    "Veni, Vidi, Velcro"
    (I came; I saw; I stuck around.)

  4. #4
    Micron is online now Virtually Inert Person
    Windows 7 32bit Access 2007
    Join Date
    Jun 2014
    Location
    Ontario, Canada
    Posts
    6,423
    There must be policies that have severe consequences if they are violated - demotion, time off with no pay, termination and/or criminal charges (if possible).
    Let's not forget my favourite - hanging by the eyelids and beating them until they blink.

    Actually, I'm surprised employees are allowed to connect personal devices to company resources. I can't imagine a benefit to the company that comes from such a policy. At least not one that outweighs the potential for catastrophic data loss/theft, trojan horses, viruses, etc. Perhaps I'm just too old-fashioned.
    - "doesn't work" is no help. Post err msgs and where.
    - Use code tags for code/sql. Implement changes in copies of your database.

  5. #5
    orange's Avatar
    orange is online now Moderator
    Windows 10 Access 2010 32bit
    Join Date
    Sep 2009
    Location
    Ottawa, Ontario, Canada; West Palm Beach FL
    Posts
    14,327
    I agree with Steve and Micron --this is basically a data management/info resource management Policy issue. Many orgs have locked down the use of personal devices with policy and penalty approaches. Allowing users/employees to bring laptops etc into the workplace, connect to corporate data sources and "play" is circumventing any security control/mechanisms which is saying "opening your data/business to the public".
    I realize it isn't all public, but am trying to say you have removed/don't have basic safeguards.

    How important is your data to your business? To your Customers? To your Competitors?
    There will always be @sses who will "jump onto a free keyboard", "open any/all emails", "change files anonymously if given the chance" - so there are limits to what you can do and enforce. (wikileaks for example)

    Think of it in more personal terms. Consider your bank account--who do you want to have access to it? Who should be changing the numbers? Sometimes a realistic analogy can spur some action.

    Policies, password control, activity audits, best practices and education/communication will help. Best done if addressed from top down. It has to be recognized as essential to your business.

    If someone/group needs access to summary data (month end, quarter end, fiscal year end etc) then "design a process(es) to extract such data and supply it for appropriate access by bona fide users with established controls/mechanisms".


    Good luck.

  6. #6
    ssanfu is offline Master of Nothing
    Windows XP Access 2010 32bit
    Join Date
    Sep 2010
    Location
    Anchorage, Alaska, USA
    Posts
    8,477
    Quote Originally Posted by Micron View Post
    Let's not forget my favourite - hanging by the eyelids and beating them until they blink. <snip>
    Yes, I had forgot that.... I'll try and keep it in mind.
    HTH
    -----
    Steve
    --------------------------------
    "Veni, Vidi, Velcro"
    (I came; I saw; I stuck around.)

  7. #7
    ssanfu is offline Master of Nothing
    Windows XP Access 2010 32bit
    Join Date
    Sep 2010
    Location
    Anchorage, Alaska, USA
    Posts
    8,477
    Quote Originally Posted by orange View Post
    <snip> If someone/group needs access to summary data (month end, quarter end, fiscal year end etc) then "design a process(es) to extract such data and supply it for appropriate access by bona fide users with established controls/mechanisms".
    A mouthful, but 100% true.

    I also feel there needs to be a process to review quarterly or semi annually of the reporting/exporting of the data for report obsolescence or expiry of the reason for the reporting. I have see where a request (by engineering for example) for a specific set of data should only be reported for 3 months, yet the reporting went on for 4 years before someone questioned the continuing need for the reporting.
    HTH
    -----
    Steve
    --------------------------------
    "Veni, Vidi, Velcro"
    (I came; I saw; I stuck around.)

  8. #8
    orange's Avatar
    orange is online now Moderator
    Windows 10 Access 2010 32bit
    Join Date
    Sep 2009
    Location
    Ottawa, Ontario, Canada; West Palm Beach FL
    Posts
    14,327
    We developed some online corporate systems involving grants/loans/contributions/projects etc linked with finance. These were online database applications/corporate database with multiple access points across the country. We also had divisional, HQ personnel responsible for reporting and statistical analysis, planning/forecasting and what if/ad hoc scenarios. They needed a reporting system/stable system where the numbers were not changing second by second. So a management reporting type database with processes, tools and standard procedures was built based on extracts from the corporate database at specific times.

    The analysis and design of this set up resulted from a thorough review of older batch systems and a top down planning approach. The whole thing was sparked by a merger of several government departments and their inherent mandated Programs. At the merger we found many situations of reports produced that nobody used, applications with no identified owner, multiple competing databases ( 50 different sectoral company/customer product/interest types of databases---the gamut. But an IRM approach with top down strategies brought most of it under control and put some discipline on the existing confused approach to data and information management. Getting the various groups to understand the significance of online database/systems took a lot of training and communication. We often heard --that's not how we do things, we know how much will be spent under XXX Program, but a few meetings with different calculations and competing reported figures brought the subject to management and led to corrective action with more discipline.

  9. #9
    Janee Koehn is offline Novice
    Windows 7 64bit Access 2007
    Join Date
    Dec 2015
    Posts
    8
    Let's not forget my favourite - hanging by the eyelids and beating them until they blink. <snip>

    Quote Originally Posted by ssanfu View Post
    Yes, I had forgot that.... I'll try and keep it in mind.

    Yeah! LOL Never forget that!

  10. #10
    woods is offline Novice
    Windows 7 32bit Access 2013 32bit
    Join Date
    Oct 2017
    Posts
    7
    You have to Secure the Front Ends and Back Ends by not allowing certain area's to be accessed. This includes Shift-Bypass, Code Editor, Table Views, Menus, ect. I wrote a system that was across China, UK, Mexico and USA that when the Security Features, that I coded, were enabled they could not access nor manipulate any of the DB

Please reply to this thread with any new information or opinions.

Similar Threads

  1. Replies: 1
    Last Post: 09-15-2014, 01:25 PM
  2. Closing applications outside of Access?
    By ElEmEn in forum Programming
    Replies: 1
    Last Post: 10-13-2013, 07:03 PM
  3. Replies: 1
    Last Post: 08-20-2013, 11:25 AM
  4. Replies: 1
    Last Post: 04-09-2013, 06:59 AM
  5. Access Pages Tutorials and Resources?
    By MHernan1 in forum Access
    Replies: 1
    Last Post: 08-22-2012, 02:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Tech Forums: Microsoft Office Forums