Securing shared databases on the network

During the server presentation today, some people asked questions about security. Since I have been a Beta tester of 10.2 for several months, and have implemented 10.2 in an office with 16 users, and since I had definite views about certain security issues, I developed some steps that I have used and thought it would be useful to share.

I have certain concerns and principles for how the shared databases should operate. The office is a law firm and information is handled carefully there.

1. I wanted to restrict certain databases to specific people. So I wanted to prevent users from downloading those databases. If not intentionally restricted, any user with access to the server could download any database; that was not acceptable to me.

2. The users are all non-computer people, so I wanted the interface to be as easy to use and with as much error checking as feasible to help everyone use the database correctly. Therefore, I wanted to restrict access to editing forms or procedures, and to restrict access to the datasheet. Whatever someone needed, whatever reports they needed, would all be programmed into procedures. Of course, the interface of the various databases work in a similar manner so a user can easily remember how to do various things.

By using the following steps, one can remove the view menu, which prevents access to forms, procedures, and the datasheet. The users still have access to the System Administrator window, but they cannot access the Databases tab or the sessions tab. With these restrictions, they would never need to access this after the database is set up and connected to any server.

(We have not used Encryption, but it seems like a good idea in some situations.)

All ordinary users are logged in to a User Role.

1. While the database is standalone database, Select file/Database Options

In the database options window, lock the database to the account.

Set up the database entitlements to the User can open database, Developer can modify design, and Developer and Admin can use the Standard UI. (We don’t have any separate developers, so the developer entitlements are set the same as the Administrator.)

2. Then Share the database.

When someone in a User Role opens the database, they will not have a View Menu. They cannot edit forms and procedures or switch to them using view. They cannot open the datasheet. They will not be able to access the datasheet.

My databases have all hidden the Toobar also, and User cannot show the Toolbar.

Tom, you pretty much described how we implement Panorama at our company. We currently accomplish this with Pan6 and I needed a sense of continuity for PanX.

Your steps should help us meet our cyber-security requirements. I will test them and let you know my comments. Thank you very much for your input!.

Thanks Tom!

I used the previous security features extensively and have been thinking/wondering about how to handle this in X. How have you been dealing with the next level? ie. Allowing access to the database at user level, but restricting certain data and forms to specific users? With my current Enterprise setup any of my users can use any workstation, they see the same menus, but once logged on, can only “launch” the items that their security level allows. Trying to figure out the best way to rework that.

Hi Chris,

I am sure much of this is known to you already, but here is what we do. First, you would need a system so that a user is identified when they start Panorama. My approach may not work for you, where users can sit at any number of workstations. But just for curiosity, our users are all asked to start Panorama with a small database (Navigator). Navigator, among other things, checks to see if individual preferences have been stored on the computer and, if so, creates variables and assigns the preference to those variables. If not, it opens a form asking the person to enter their initials, name, and email. The initials become the main identifier, but if I could do it over, I would use an employee number.

Preferences are stored on the Mac and are part of the MacOS system and not part of Panorama. But Panorama can use them. I think they are stored in the user folder, but I am not sure about that.

In addition, Navigator looks up three server variables, one for the firm administrator, one for the firm billing administrator, and one for tech support (me). if the user’s initials match the server variable, then they will have privileges for that position. That is obviously not a ‘secure’ system; someone could enter another person’s initials, so it depends on the honesty of employees. However, in a law firm, honesty is essential for many things. But you could set up credential system where the user would enter their ID and password when Panorama is started.

We have another database, Timekeepers, where various data is stored. Users normally do not see that database; it opens secretly and is used for lookups. That sort of database could be used to verify credentials and return a security level, as you call that variable.

When a database opens and the user has been entered, he or she is taken to the menu page for that person. We have only two options, so it is not difficult. The regular ‘Home’ page and the ‘Admin Home’ page. The actions available on those two pages are quite different. BTW, each home page displays the user’s initials and name. We don’t use custom menus, but a page with dropdown menus. But Custom Menus could easily be set up depending on the security level. (Note: you would not user the Auxiliary Database feature for a verification database, because, I think, that the aux DBs are not opened until the .Initialize procedure is finished; instead, use opensecret when you need to use the db during the .Initialize procedure.)

That is an overview of how we manage the user’s access to various data, reports, forms, etc. I am sure there could be many clever ways to do it, but they all require some advanced planning to implement.

Tom

How do you do this, Tom?

The relevant statements and functions are listed in the Help Page Preference Values.

Thanks Tom, it’s always educational to hear how others have solved the same, or similar problem!