Legacy Access Applications

[Tina K]

Hi,

I recently joined a company that use several Access applications that were
originally created for a quick method of accomplishing data entry, storage,
and reporting. Now the original developer of that group is not longer with
the company and documentation is no where to be found. The company seems to
rely pretty heavily on this data. My question is how do companies handle
the risk that comes with that? My guess is that other companies have
probably come across the same or similar situation and what is the best
approach in handling the risk?

Sincerely,
Tina K

 

[Allen Browne]

What risk are you concerned about, Tina?

Security risk? From inside (staff)? From outside (hackers)?
Dependability? Corruption? Backups?
Risk of growing beyond Access (e.g. hundreds of users)?
Other?

In general, Access is suitable for dozens of simultaneous users, millions of
records in some tables, on a stable (not WiFi if dialup, unless you run
sessions in TS or Citrix on server), when security is not paramount, where
all users can be logged out for maintenance/backups, and the file size does
not exceed 1GB (2GB allowed, but you need some headroom.)

A well designed Access database on reliable hardware (network, power,
computers) can be very stable, running for years without any data
corruption, and very minimal maintenance.

 

[Tina K]

Hi Allen,

Thanks for your email and apologies for not clarifying the risks. We're
concerned with all of the risks you mentioned below with the exception of
hackers. Unfortunately, we're in a mixed network environment (Novell & AD)
and it's definately not stable. This is an elephant of a task and how do you
start? I guess 1 bite at a time...

What is the best way to accomplish our goals, without alienating our
customers? We have about 100 applications and there are no set standards and
protocols at the moment. Being new to the IT group, I feel the law needs to
be laid down, but no one will do it.

At the moment, here is what our team had in mind as an approach.
1- Cataloging the applications, determining business criticality
2- Analyzing applications and recommending changes according to MS Access
Better Practices
3 - Limiting data to those who have a need to know basis.
4- Evaluate the cost/benefit of implementing the controls
5- Track control of implementation and review.

What are your thoughts?

Thanks in advance

 

[Allen Browne]

Tina, you're on the ground there, and so you can best make the IT decisions.

The questions you raise are about IT policies, rather than technical
questions about how to use Access.