Security Guide
Table Of Contents
- Chapter 1 About database security
- Chapter 2 Security “Top 10” list
- 1. Ensure physical security
- 2. Ensure operating system security
- 3. Establish network security
- 4. Devise a plan for securing your databases
- 5. Restrict data access with accounts and privilege sets
- 6. Back up databases and other important files
- 7. Install, run, and upgrade anti-virus software
- 8. Test your security measures
- 9. Assess, iterate, and improve security measures
- 10. Upgrade to FileMaker Pro 7 and FileMaker Server 7 for security enhancements
- Chapter 3 Build security into your solutions
Chapter 1
About database security
FileMaker
®
Pro software enables you to create databases that can be used individually, shared on a
peer-to-peer basis, shared using FileMaker Server, accessed via ODBC or JDBC, or shared within
an intranet or with Internet users. It is critical that you think about what data is being shared, what
types of vulnerabilities exist, and how to protect data and database files.
In some cases, data is not particularly sensitive, business-critical, or confidential, or the software
itself is used by one individual in a secure location, or in an open, trusting environment where
security considerations are not a concern. In most cases, however, data is business-critical or
sensitive, and you must take steps to protect it. You should plan and implement security measures
in all phases of design, testing, and deployment.
About this guide
•
This document addresses security concerns for FileMaker Pro 7, FileMaker Developer 7, and
FileMaker
Server 7 only. For information on security for previous versions of FileMaker Pro,
download documents from www.filemaker.com.
•
For step-by-step information on FileMaker Pro features, including defining accounts and
privileges to protect database files, refer to FileMaker Pro Help.
•
FileMaker Pro documentation uses the term
web
publishing
to refer to databases that users can
access on the Internet or on an intranet using a web browser.
•
This guide uses “FileMaker Pro” to refer to both FileMaker Pro and FileMaker Developer, unless
describing specific FileMaker Developer features.
Important
You can download PDFs of FileMaker 7 documentation from www.filemaker.com/
downloads. Any updates to this document are also available from the web site.
Security goals
There are three general issues to consider in protecting your FileMaker databases:
•
Privacy
•
Integrity
•
Availability
Privacy of data
When designing and deploying any database, you have a responsibility to ensure that unauthorized
people cannot access the data.
Integrity of data
Design a system open enough to allow authorized users to create and update data while preventing
unintentional changes. You must also restrict access to unauthorized people who might try to
tamper with the files. Unfortunately, there are individuals who might attempt to access your
information systems and steal corporate assets.