Community
Showing results for 
Search instead for 
Do you mean 
Reply

Remote DataBase Security

Skilled Commentator
Posts: 71
Country: United Kingdom

Remote DataBase Security

Hi

Hopefully this is a simple question.

 

If I use remote database sync to allow multiple remote staff to use Act! - Is my data secure.

 

Firstly:

I would like to ensure they can perform no form of Export

 

Second:

Is the 'raw' Database secure - could a SQL expert hack the database and gain access to the data.

 

Many thanks in advance

Silver Contributor
Posts: 1,813
Country: USA

Re: Remote DataBase Security

Export to excel can be disabled through tools, preferences.

 

Unhackable by an expert?  No

 

You can find a whitepaper on the ACT security model here

Test Drive Act! and Quickbooks over Citrix http://GoTryAct.com

Jon Klubnik| ActTrainer.com
(866)710 4228

ACT! Certified Consultant / ACT! Premier Trainer / ACT! Hosting Provider

Platinum Elite Contributor
Posts: 14,384
Country: Australia

Re: Remote DataBase Security

Re the second ... you don't even need to be an "expert"

If you are really worried about protecting the ability to export, the best way would be to use a server based version - either via Web or Terminal Services.
Skilled Commentator
Posts: 71
Country: United Kingdom

Re: Remote DataBase Security

Mike (and Jon)

 

Preventing Exporting is (I believe) relatively easy.

 

My greatest concern:               Having a remote distributed workforce with Act! Remotely Synced.

 

Yes-I can limit 'subsets' of data to various remote users - but some will need access to the entire DataBase.

 

My greatest concern:

 

An employee leaves - and walks off with the 'entire' database (Sure some fields can be prevented from syncing)

 

 

 

I guess what you're saying is they would only need to go to a ??SQL Express?? Expert and it wouldn't be too long before the database was unlocked.

 

Am I correct here in this assumption.

 

 

Is there anything that can be done - i.e. if the Database was SQL Server rather than SQL Express - would this make a difference in terms of security??

 

Is it not possible to have the SQL (or SQL Express) Database authenticate with some form of One Time Key (i.e. using one of those dongles where the code changes every 15 seconds)

i.e.. They Authenticate in

 

But my guess here - is that even if this wishful thinking did exist - then a 'hacker' could still crack the database during the time it was 'authenticated'.

 

 

If you have any thoughts - it would be greatly appreciated.

 

If not - my gut is telling me a Hosted (Act Premium for Web) is the way to go??

 

Many Thanks for your thoughts so far

 

 

 

 

 

 

 

 

 

Silver Contributor
Posts: 1,813
Country: USA

Re: Remote DataBase Security

Your ACT database  can  be hosted either over ACT for Web or if you need the full desktop ACT product you could do a Citrix (Terminal Services) environmenet.  With Citrix, We can control and lock down the abiliity to do almost everything except take a screen shot.  We can lock down local saving, printing, export to excel and the database would not be on the users machine at all.  If you need to terminate or have problems with an employee, it's a simple process to cut them off entirely.

Test Drive Act! and Quickbooks over Citrix http://GoTryAct.com

Jon Klubnik| ActTrainer.com
(866)710 4228

ACT! Certified Consultant / ACT! Premier Trainer / ACT! Hosting Provider