Securing Office Solutions

  • Article

This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.

In an age where large amounts of information are being shared faster and further than ever before, security is a growing concern for both solution developers and customers alike. There are several different aspects to security: the security of your intellectual property; the security of the data in your solution; and the integrity of the code in your solution.

Chapter 17, "Securing Office Documents and Visual Basic for Applications Code," explains how to secure your VBA code so that your intellectual property cannot be abused or altered. Additionally, this chapter discusses ways to protect Microsoft® Office documents from users who do not have viewing privileges for the data in the document.

Chapter 17 also addresses how developers and customers can ensure protection from macro viruses by entering into trusted relationships. Using Microsoft's new Authenticode technology, developers can digitally sign the VBA projects in their solutions to indicate to users that the developer has been approved as a trusted source. Customers can then determine whether they want to run solutions that have not been signed by a trusted source.

Chapter 18, "Securing Access Databases," discusses the additional security options available to you for a Microsoft Access-based solution. To protect your intellectual property, you can save an Access database in a manner that converts all of the VBA code to pseudocode, a form that cannot be read by people.

Chapter 18 also discusses the two options for protecting the data in your Access solution. The simplest way to protect the data in your database is to set a database password. A more complex, but also more flexible approach, is to use the sophisticated user-level security system in Access. This system allows you to set different levels of security on various objects for different users.

Finally, Chapter 18 explores security issues for data access pages, including preventing unauthorized users from viewing data in the database, preventing access by malicious scripts, controlling access by authorized users, and protecting the HTML pages themselves on the server.