You can use n-tier design and run the data access tier as a COM+ application. It has access to the data, but the actual user doesn't.

>Currently, our users, via their Windows logon privileges, are given access to the various network drives containing data files needed by the VFP applications they will be using. The potential, unfortunate side effect of this, is that a malicious, capable user could use a tool like Excel to attempt to open & view the raw data files.
>
>Is there any way we can use SQLCONNECT or other commands to prevent such access? What would be ideal, is if the user's Windows logon didn't provide any network drive access; rather, the compiled applications would connect the appropriate connection strings & passwords to provide access from within the application only.
>
>Can this be done with VFP, & if so, how?
>
>Thanks very much,
>Randy