Security Question...

[ThriftyFinanceGirl]

I have a good security login procedure built for an application that is a
split frontend/backend app. As far as the BACKEND is concerned... would it
be enough to put the backend in a protected folder that only people in the
user group have access to? Or how do people usually protect the backend in
frontend/backend deployment?

 

[David H]

You're limited in what you can do. Its going to me more along the lines of
placing stumbling blocks.

1) Yes, place the back end in a fold that only users that *need* access to
it have rights to it via Active Directory. Users not in the group won't even
be able to see the contents of the folder.

2) You don't have to have your Front End linked 24/7 to the back end. You
can certainly write code that reaches out to the backend and connects the
tables at startup and then disconnect when the DB shuts down. (If it shuts
down abnormally, the tables will still be linked).

3) You can also change the name and the extension of the DB.
CompanyFinancialData.MDB is pretty obvious. However, DB_Prod_CFD_01.tfc
isn't. Even though its not a .MDB extension Access can still connect to it.

4) Keep in mind that if someone knows the file name and its location they
can still manually link to the tables there in.

5) Keep track of the machines that the Front End is loaded on and who has
the machines.

6) Convert the Front End to a MDE if you haven't already done that.

Others will have additional comments.

Side Note: I've become a HUGE fan of SQL Server Express as a back end to an
Access front end. Its free and gives you all the power of SQL Server without
having to know too much about it. And it gives you features not possible with
Access.

 

[ThriftyFinanceGirl]

Thanks. Funny that you mention SQL Server... I 've been thinking about
upsizing the backend but really want something that doesn't need as much
handholding as the full SQL Server... What are the advantages in processing
speed etc.

We have been toying with the idea of deploying this via Citrix because when
we get the backend out on on a departmental drive it really slows down. And
I've gone through and checked all my indexing, code etc for opitmization,but
it is things that really are not slow locally at all. Would SQL Express help
with query processing?

 

[David H]

See Below...

Thanks. Funny that you mention SQL Server... I 've been thinking about
upsizing the backend but really want something that doesn't need as much
handholding as the full SQL Server... What are the advantages in processing
speed etc.

Can't really answer that specifically, but if I understand it correctly the
burden of performing the query rests with SQLServer as opposed to the Access
on the Front End. Access has to do all of the work with an .mdb file whereas
SQLServer does the work on behalf of Access when its the backend. My specific
knowledge of that aspect is limited so I might be a bit off.

We have been toying with the idea of deploying this via Citrix because when
we get the backend out on on a departmental drive it really slows down. And
I've gone through and checked all my indexing, code etc for opitmization,but
it is things that really are not slow locally at all. Would SQL Express help
with query processing?

Before you go Citrix, I'd test Express. You can upsize an Access DB to
SQLServer and leave the original DB intact. You may not be able to run the
full front end against SQLServer witout some modifications due to syntax,
however you should be able to do a side-by-side rough comparison of both
back-ends by running simple queries. It'll all be subjective but should give
you enough to move forward or not. Create a new .mdb file and link it to
SQLServer and then run ad hoc queries. I wouldn't try to connect the actual
front end for the test.

Basically, for the test just run ad hoc queries to see if there's any
performance change (which there should be). Make sense?

Keep in mind that in FE/BE configuration the FE should be local to the
user's machines.