|
>unfortunately I hadn't designed the original >application, I was just maintaining it. We're all in that boat I think! >my users, and boss, would of screamed bloody murder. >This was a company that when I got >there about 1/4 of the users had >*ALLOBJ authority (about 15 users). > >The main thing I was securing against was >against PC and network users. Not easy when *ALLOBJ can sign on to ODBC. All too common, I think. >Unfortunately, most of the security on this >system was the standard security by obscurity, >which I was slowing getting rid of when I had >the free time. This is a typical sounding story. The boss has an aneurysm when she finds out that a PC person with Access or Excel can read the payroll files, but she has a fit when you tell her that it takes some work to properly secure things. "Security" as a buzzword has high priority, but Security as an actual practise does not.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
