Security Guide
Table Of Contents
- Chapter 1 About database security
- Chapter 2 Security “Top 10” list
- 1. Ensure physical security
- 2. Ensure operating system security
- 3. Establish network security
- 4. Devise a plan for securing your databases
- 5. Restrict data access with accounts and privilege sets
- 6. Back up databases and other important files
- 7. Install, run, and upgrade anti-virus software
- 8. Test your security measures
- 9. Assess, iterate, and improve security measures
- 10. Upgrade to FileMaker Pro 7 and FileMaker Server 7 for security enhancements
- Chapter 3 Build security into your solutions
Security “Top 10” list
11
•
Determine if you need to enable any extended privileges (for example, FileMaker Network
sharing or Instant Web Publishing) for certain privilege sets.
• Create the accounts you need in the file, and assign the appropriate privilege set to each account.
Consider developing a grid that lists the types of users and summarizes their privileges:
*You can provide limited access to some features, for example deleting records, by using record-
by-record privileges. For more information on record-by-record privileges, see FileMaker
Pro
Help.
5. Restrict data access with accounts and privilege sets
Use accounts and privilege sets to provide the most basic security method within FileMaker Pro
files. With accounts and privilege sets, you can limit what users can see and do in a database file.
You can restrict:
• File access: Require users to enter an account name and password in order to open a file.
• Data access: Make particular records or fields from individual tables view-only, or hide them
completely.
• Layout access: Prevent users from viewing or modifying layouts in Layout mode.
• Access to value lists and scripts: Prevent users from accessing and modifying value lists and
scripts, and from running scripts.
• Outputting data: Prevent users from printing or exporting data.
• Menu access: Make only a limited set of menu commands available.
When files are restricted with accounts, users must know the account name and password before
opening or connecting to a database. The account name and password they enter determines which
privilege set will be used, which limits what they can do in a file. For more information about
accounts and privilege sets, see
“Restrict access with accounts and privilege sets” on page 17.
Tips
• Your security is only as good as the user accounts and passwords you define. For more
information, see
“Tips for creating effective passwords” on page 18.
Type of
users
View
records
Create
records
Edit
records
Delete
records
Modify
scripts
Execute
scripts
Modify
Value lists Menus
Managers Yes Yes Yes Yes Yes Yes Yes All
Marketing Yes Yes Yes Limited* Limited* Yes No Editing only
Sales Yes Yes Yes Limited* No Yes No Editing only
HR Yes Yes Yes Yes Yes Yes No All
Legal Yes No No No No Yes No Minimum
Guests Yes No No No No No No Minimum