Encrypting a Database
Before moving on to the more sophisticated methods of securing a database, it is important that you understand what any method of security does and does not provide for you. No matter how well you learn about and implement the techniques in this chapter, you will not be protected against someone attempting to read the data contained in your database. Even after you secure a database, someone with a disk editor can view the contents of the file. Although the data in the file will not appear in an easy-to-read format, the data is there and available for unauthorized individuals to see.You might be feeling discouraged and asking yourself, "Why bother with security?" Do not despair! Fortunately, Access enables you to encrypt a database, rendering the data in the database indecipherable in word processors, disk utilities, and other products capable of reading text. When a database is encrypted, it is much more difficult to decipher any of its data.You can encrypt a database using the standard Access menus or by writing a Visual Basic for Applications (VBA) subroutine. In either case, the database you are encrypting must not be open. To encrypt a database using Access's standard menus, follow these steps:
Chapter 28, "Advanced Security Techniques."It is always a good idea to back up the original database before you begin the encryption process. This ensures that if something goes awry during the encryption process, you won't lose your data.When you encrypt a database, the entire database (not just the data) is encrypted. As you access the data and the objects in the database, Access needs to decrypt the objects so that users can use them. When users are finished accessing the objects, Access then encrypts them again. Regardless of the method of encryption you use, the encrypted database degrades performance by about 15%. Furthermore, encrypted databases usually cannot be compressed by most disk-compression software utilities because compression software usually relies on repeated patterns of data. The encryption process is so effective at removing any patterns that it renders most compression utilities ineffective. You need to decide whether this decrease in performance and the inability to compress the database file is worth the extra security that encryption provides.