Security Considerations

This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.

While security may not be the most exciting topic, the fact is that security is taking on an ever-greater importance for programmers as computers become increasingly connected through corporate networks and the Internet. Be sure to discuss the security needs for your solution with your customers.

There are two aspects of security with which you need to concern yourself as an Office solution developer. The first is protecting your intellectual property by securing your code. The second is protecting your solution from viruses and unwelcome users.

To secure your intellectual property, you have the following options:

  • You can password-protect the VBA project. For information about locking your VBA project, see Chapter 17, "Securing Office Documents and Visual Basic for Applications Code."

  • If your solution involves creating an add-in, you can build a COM add-in, which is compiled into a .dll file. The code contained in the .dll file can't be viewed, so you can distribute the file without worrying about others stealing your code.

  • If you're building a solution in Access, you can create an .mde file from the database and distribute that file. Saving your database as an .mde file removes all editable source code and prevents users from viewing or modifying the design of forms, reports, data access pages, or modules. Your VBA code will continue to run, but it cannot be viewed or edited. If your solution is an Access project (.adp) rather than an Access database, you can create an .ade file, which is similar to an .mde file.

    Note: Although saving a database as an .mde or .ade file prevents users from modifying a data access page from within Access, if they have access to the HTML file, they can still modify the HTML file in another HTML editor. To prevent users from modifying a data access page, you should save the HTML file to a network share and specify read-only permissions for users who need to view the data access page but should not be able to modify it. For more information about using file-system access control to protect access to documents, see Chapter 17, "Securing Office Documents and Visual Basic for Applications Code."

To protect your solution from viruses and from undesired users, you have the following options:

  • You can install a VBA virus scanner. For more information about available virus scanners, see the "Where to Go from Here" section at the end of this chapter.

  • You can define trusted sources for code. A trusted source is an individual or company that has been certified by a certification authority. You can then set the security level for each Office 2000 application to High to run code only from trusted sources, to Medium to permit users to choose whether to run potentially unsafe code, or to Low to run all code, whether trusted or not.

  • You can use Microsoft Jet security to secure a Microsoft Jet database (.mdb). Microsoft Jet allows you to implement user-level security for each object in a database.

For more information about securing your solution, see Chapter 17, "Securing Office Documents and Visual Basic for Applications Code," and Chapter 18, "Securing Access Databases."