With Software, Till Tampering Is Hard to Find

A very interesting story on till tampering and cash in restaurants: With Software, Till Tampering Is Hard to Find. Indeed, any cash business. Thanks to Slashdot for the link.

However, that story concentrated on business owners and missed one area of attack. "Thieves put a zapping program onto a portable flash drive so it can be run and then removed from the machine, leaving no trace." What's to say employees who are working by themselves for a few minutes won't insert a USB memory key or CD-ROM?

I recall a City of Edmonton police detective talking about a similar fraud at a rental business 25 years ago. The system operator deleted the occasional cash transaction from the tables for short-term rentals of a day or less and pocketed the cash. The employee was only caught because a person doing the cash balancing at the end of the day realized he was missing a $100 bill he had put in the cash box earlier.

How is this Access related? If you're working on an application that handles cash, think about how someone could poke about in the tables and start deleting transactions manually. Sure, there would likely be missing autonumbers, but that doesn't mean much and certainly isn't proof of anything.
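An added example, not from the original post: one way to make a deleted transaction detectable is to chain each row to the previous one with a keyed MAC, and compare that with the "missing autonumbers" check. It uses an in-memory SQLite table as a stand-in for the Access or SQL Server table; the table layout, the function names and the idea that the key and latest chain head are kept off the till are all assumptions of the example.

```python
import hashlib
import hmac
import sqlite3

# Assumption: the MAC key and the latest chain head are kept off the till
# (for example on a back-office machine), out of reach of someone editing tables.
KEY = b"constructed-demo-key"

def link(prev_mac, row_id, amount_cents, tender):
    """MAC over this row's fields plus the previous row's MAC."""
    msg = f"{prev_mac}|{row_id}|{amount_cents}|{tender}".encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

def record_sale(db, amount_cents, tender):
    """Insert a sale, chain it to the previous row, return the new head."""
    last = db.execute("SELECT mac FROM sales ORDER BY id DESC LIMIT 1").fetchone()
    prev = last[0] if last else "GENESIS"
    cur = db.execute("INSERT INTO sales (amount_cents, tender) VALUES (?, ?)",
                     (amount_cents, tender))
    mac = link(prev, cur.lastrowid, amount_cents, tender)
    db.execute("UPDATE sales SET mac = ? WHERE id = ?", (mac, cur.lastrowid))
    return mac

def build_sample():
    """Constructed sample data: four sales in an in-memory table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sales (id INTEGER PRIMARY KEY AUTOINCREMENT,"
               " amount_cents INTEGER, tender TEXT, mac TEXT)")
    head = None
    for amount, tender in [(1250, "card"), (4000, "cash"), (800, "card"), (10000, "cash")]:
        head = record_sale(db, amount, tender)
    return db, head

def id_gaps(db):
    """The 'missing autonumbers' check: ids absent below the current maximum."""
    ids = [r[0] for r in db.execute("SELECT id FROM sales ORDER BY id")]
    return [i for i in range(1, max(ids, default=0) + 1) if i not in ids]

def verify(db, expected_head=None):
    """Return None if intact, the id of the first broken row, or -1 if the tail is gone."""
    prev = "GENESIS"
    rows = db.execute("SELECT id, amount_cents, tender, mac FROM sales ORDER BY id")
    for row_id, amount, tender, mac in rows:
        if not hmac.compare_digest(mac or "", link(prev, row_id, amount, tender)):
            return row_id
        prev = mac
    if expected_head is not None and prev != expected_head:
        return -1
    return None
```

Deleting the most recent row leaves no autonumber gap at all, so only the comparison against the head stored off the till catches it.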

Anything that you could think about doing, someone with a zapper program could figure out. See Sysinternals File and Disk Utilities. OK, that's getting pretty complex for a mere waiter. Oh wait, a friend of mine has a degree and put himself through university as a waiter.

You're using a SQL Server database? The user could possibly be using some software running from the USB thumb drive to examine the tables directly, if security isn't set up properly. And I know next to nothing about SQL security.

Published Monday, September 01, 2008 9:15 PM by Tony