We have experienced problems with users accessing data tables outside the applications and were unable to solve it using network security features alone.

Our homegrown Fox solution (which BTW has to support Fox2.6 DOS & Win versions) to protect particularly sensitive data elements e.g. group membership, passwords) was to place the tables in a secure network folder that 'ordinary' users do not even see.

Requests for this information are passed to a server that does have rights to this data (and can also do some basic checking regarding who and how the request was made). It fetches the data and returns it to the user if satisfied that the request was valid.

Obviously this is a very limited approach that is only suitable for small bits of data. For anything larger you would need something other than VFP alone (MTS?)