Results 1 to 3 of 3
  1. #1
    2 Star Lounger
    Join Date
    Jul 2002
    Location
    North Dakota, USA
    Posts
    184
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Macro Security Level and Email (2003 SP1)

    My company is currently preparing for Office 2003. I support Access and considering putting the Macro Security Level to Low and turning off the Sandbox Mode in the registry and this would be everyones installation. The Access databases we create here are considered trusted and I don't want users to deal with all the security windows every time they open a database.

    So my question is, if we get a database from the outside that has coded the database to be destructive, will email virus scanners pick this up? We are running Outlook 2000 (soon to be 2003) with Exchange 2003. We are using Trend Micro at the server level and McAfee at the desktop level for virus scanning. I'm considering have a few machines with the macro security levels raised so we can look through outside databases before use.

    Thoughts?

    Sarah

  2. #2
    Super Moderator
    Join Date
    Aug 2001
    Location
    Evergreen, CO, USA
    Posts
    6,623
    Thanks
    3
    Thanked 60 Times in 60 Posts

    Re: Macro Security Level and Email (2003 SP1)

    One alternative would be to create a security certificate for all local databases - that would let you run at medium security with no prompts. Doing that isn't trivial, but it would alert you if an outside database were opened. In addition, the virus scanner software should pick up anything coming through in email (unless of course it's brand new). Finally, it's my impression that there are relatively few viruses based in Access compared to the VB, Word and Excel based population - not that's any great comfort, but it should be factored in.
    Wendell

  3. #3
    2 Star Lounger
    Join Date
    Jul 2002
    Location
    North Dakota, USA
    Posts
    184
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Macro Security Level and Email (2003 SP1)

    Thanks for your comments. I've considered getting a certificate, but our company isn't quite there yet, we don't have a company wide one. So until we do I'll probably change the default to low for now.

    I'd appreciate anyone else's thoughts and comments, possibly what you did in a similar situation.

    Thanks. Sarah

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •