I have been through a number of threads on this topic and apologise if I am repeating what may have gone before. I have split my db after following Albert Kallal's excellent article. The FE is now locked down as an mde, and installed on the workstations. The BE is on the server in a folder only a dedicated list of users can access. The BE is still an mdb and as such a user can open the file, add new records to the tables, change the structure of the table or alter the primary key. They have no need to do this but you know inquisitive minds! How do I lock down the BE to prevent this happening, can I make the BE an mde as well (I wasn't sure from the article) or are there other steps I should take. Thanks for your suggestions, Ian.