Microsoft Access – Discovery and Risk Mitigation Strategy – Part 1
This comprehensive risk mitigation and management protocol consists of three major components: 1) a proven approach, 2) a set of proprietary tools, and 3) IT specialists dedicated to this body of work.
Our client, for this case, is a very large customer of Microsoft, whom estimated that they had over 65,000 (that’s sixty-five-thousands) MS Access databases located across their network within North America residing within 2600 locations on a network consisting of 25 terabytes of data, mixed in with over 12.5 million other files. The client was preparing for an enterprise wide migration to Office 365 when they realized that regional divisions had operational dependencies on MS Access database applications developed by shadow IT groups dating back before the millennium and still in use today.
The Microsoft Access database application platform is the world’s fastest rapid application development platform on the planet, having been installed on over 1.3 billion computers since its initial release in 1992. Business leaders and IT professionals have created simple to complex custom database applications solving critical business needs.
MS Access is a natural extension of MS Excel, and when Excel limits are reached, MS Access is the next logical tool of choice. The proliferation of MS Access database applications grows within an organization whenever there is a gap in available commercial off-the-shelf (COTS) software solutions and business needs. Yet, this is the heart of business innovation and where new products and services are invented and new markets and profit streams initially developed.
Necessity is the mother of invention, and MS Access is the fastest tool to construct a solution.
Microsoft Access often comes pre-installed on a new employee’s PC and resides within the Microsoft Office Professional suite of products. Today, every Office 365 edition includes MS Access too. In its simplest state, a single Microsoft Access application may consist of a single physical file. This single physical file may contain two logical layers; a front-end or user interface, and secondly, a back-end or the database portion of the application.
The front-end application may consist of one or more forms used for data entry and may also contain custom reports. Within the database portion of the single physical file, there may exist one or more tables which 1) contain data (i.e., traditional client/server), 2) links to other MS Access database applications, text files, and excel files or other heterogeneous data sources such as SQL Server, Oracle, Sybase, Teradata, DB2, Salesforce and more.
MS Access database applications often start their life outside of formal IT departments and governance processes and are not tracked as formal IT assets. These applications don’t have official IT budgets nor is their business function documented within enterprise asset management portfolios. This lack of asset tracking and the growing dependency on these evolving business applications, leads to a hard to detect but nonetheless, a growing risk to business operations upon application failure.
Network errors, user mistakes, employee mishandling of rules and applications, software out of date, data corruptions, legacy code, viruses, malicious user behavior all threaten to jeopardize these vulnerable yet critical business solutions supporting a growing critical business function.
Microsoft Access versions older than and including 2010 are no longer supported and are technically considered legacy applications.