(UTC)
  Lantica User ForumLantica DiscussionsLantica Discussion › prevent/block export function
(Moderator: Forum Admin)
Previous Topic | Next Topic
Page Index Toggle Pages: 1 Send Topic Send Topic Print Print
Normal Topic prevent/block export function (Read 877 times)
airjordan
Member
*
Offline



Posts: 13
Joined: Sep 11th, 2009
prevent/block export function
Sep 15th, 2009 at 6:32am
Print Post Print Post  
Hi,

Does anyone know of an easy way to block the export function for a user/group?
We want to protect the data in the case of an employee exporting all customer records and taking it offsite with them or on to another job.

IS there a way to customize security permissions/rights for groups?

Thanks

AJ
  
Back to top
 
IP Logged
 
Hammer
YaBB Administrator
Lanticans
*****
Offline


Fire bad. Tree pretty.

Posts: 3436
Location: Ohio
Joined: Nov 22nd, 2002
Re: prevent/block export function
Reply #1 - Sep 15th, 2009 at 1:45pm
Print Post Print Post  
Hi AJ,

There are several ways to customize security for groups, but you can't specifically block Export. However, that wouldn't really help you anyway. Even if you block Export, there are still Reports, Print Forms, Mass Update, OS file copy, screen captures, pen/paper, etc. In any database system, if people are allowed to view and work with your data, there's not much you can do to prevent them from taking it away with them if they are malicious or untrustworthy.
  
- Hammer
The plural of anecdote is not data.
Back to top
WWW WWW  
IP Logged
 
lksseven
Full Member
***
Offline



Posts: 416
Location: Southwest
Joined: Jan 26th, 2009
Re: prevent/block export function
Reply #2 - Sep 15th, 2009 at 4:04pm
Print Post Print Post  
AirJordan,

There are always physical barriers that can make it much more difficult for someone to steal data - disable floppy drives, usb ports, put printers in secured areas.  Of course, they can just email the data file.  So then what?  Deny them email?  Not really workable.

But, Hammer, why can't he create custom menus and then just disable the command menus from a group?  That way the user only sees the forms and the buttons (and only on the form) that Air Jordan wants him to see, which would not include export or mass update.  I've done that with my Client Order piece that lets clients log on to my server to place orders.  I don't believe they can defeat the screens I allow them, and do anything I don't want them to do.

Ultimately, though, Hammer is right.  Any business, and all other organizations, live and die upon the integrity of its members.  If you are in an industry that enables/seems to encourage sales people to easily be a Pied Piper and have clients follow them to another business, then you either live with it, hoping the growth generated from employees offsets the occasional creep who memorizes your rolodex, schmoozes your clients and then walks with some of them, or settle on the only failsafe method, which is to have only family members (or just you, to be completely protected) be the customer's point of contact with the company (like a dentist).  Cuts down on growth, but cuts down on high blood pressure, too!
  
Larry
Back to top
WWW WWW YIM YIM  
IP Logged
 
Hammer
YaBB Administrator
Lanticans
*****
Offline


Fire bad. Tree pretty.

Posts: 3436
Location: Ohio
Joined: Nov 22nd, 2002
Re: prevent/block export function
Reply #3 - Sep 15th, 2009 at 4:10pm
Print Post Print Post  
lksseven wrote on Sep 15th, 2009 at 4:04pm:
But, Hammer, why can't he create custom menus and then just disable the command menus from a group?  That way the user only sees the forms and the buttons (and only on the form) that Air Jordan wants him to see, which would not include export or mass update.  I've done that with my Client Order piece that lets clients log on to my server to place orders.  I don't believe they can defeat the screens I allow them, and do anything I don't want them to do. 

He can, but even then there are ways around it, although it makes them harder to find. He can make it more difficult, but I didn't want to give the impression that there was some absolute way to prevent someone from walking out the door with data. If that's the point, then there may not be a good reason to go through the hassle of blocking out the Export command if doing so doesn't really meet his end requirement.
  
- Hammer
The plural of anecdote is not data.
Back to top
WWW WWW  
IP Logged
 
lksseven
Full Member
***
Offline



Posts: 416
Location: Southwest
Joined: Jan 26th, 2009
Re: prevent/block export function
Reply #4 - Sep 15th, 2009 at 10:35pm
Print Post Print Post  
"He can, but even then there are ways around it, although it makes them harder to find." ...

Fortunately there's nobody at my place (including me!) smart enough to figure out those end runs .... I guess that makes me lucky?

Of course, a lawyer would say that diligent, demonstrable attempts to safeguard data would help him build a compelling legal argument that the data-thief knew full well that what he/she was doing was wrong and that the data-theft was premeditated by definition (hard to claim that you thought the jewelry was being given away if it's locked away in a safe, versus sitting in a chair on the porch).

In any case, I understand your point.  Thanks!
  
Larry
Back to top
WWW WWW YIM YIM  
IP Logged
 
Page Index Toggle Pages: 1
Send Topic Send Topic Print Print
Previous Topic | Next Topic
 
  « Board Index ‹ Board Top  

Lantica User Forum » Powered by YaBB 2.6.11!
YaBB Forum Software © 2000-2024. All Rights Reserved.

Valid RSS Valid XHTML Valid CSS Powered by Perl Source Forge