Preventing clients from creating local copies of the database

We have a secure Notes database (locked down to the document level)that contains important information. This database is clustered to provide 24x7 availability. Clients can copy or replicate this database to a local PC, but we have code preventing the document from being open through the Notes client.

We have found a third-party tool that allows clients to view documents they have permission to see and open a local version of this database. We are concerned that when an employee leaves our company, and if they take a copy of a Notes ID and database, they can still open important documents using a third-party tool. How can we add more security? Can we prevent clients from creating a local copy or replica of the database?
Hmmmm ... your question touches one of my hot buttons. You said that users could create a full copy of the database on their personal computers, but there is some code in the database that prevents them from opening certain documents? If this is the case, I am almost certain you have an insecure design. It is usually pretty easy for a smart user to get around any client-side security code. The user can always just copy the docs out to another database that does not contain your form or view restrictions. In general, if users have plain text data (meaning not encrypted) on their personal computers, they can find a way to read it. Send me some an e-mail privately if you want to talk about this some more – Connell@chc-3.com.

Do you have comments on this Ask the Expert question and response? Let us know.

Dig Deeper on Lotus Notes Domino Backup and Recovery

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.



  • iSeries tutorials

    Search400.com's tutorials provide in-depth information on the iSeries. Our iSeries tutorials address areas you need to know about...

  • V6R1 upgrade planning checklist

    When upgrading to V6R1, make sure your software will be supported, your programs will function and the correct PTFs have been ...

  • Connecting multiple iSeries systems through DDM

    Working with databases over multiple iSeries systems can be simple when remotely connecting logical partitions with distributed ...