Security Guide
Table Of Contents
- Chapter 1 About database security
- Chapter 2 Security “Top 10” list
- 1. Ensure physical security
- 2. Ensure operating system security
- 3. Establish network security
- 4. Devise a plan for securing your databases
- 5. Restrict data access with accounts and privilege sets
- 6. Back up databases and other important files
- 7. Install, run, and upgrade anti-virus software
- 8. Test your security measures
- 9. Assess, iterate, and improve security measures
- 10. Upgrade to FileMaker Pro 7 and FileMaker Server 7 for security enhancements
- Chapter 3 Build security into your solutions
Chapter 2
Security “Top 10” list
Be sure that your database files, host computers, workstations, and the networks that access them
are safe from theft and corruption. This chapter covers ten security measures that you can
implement to protect your data and equipment. This “Top 10” list includes the following:
•
Ensure physical security
•
Ensure operating system security
•
Establish network security
•
Devise a plan for securing your databases
•
Restrict data access with accounts and privilege sets
•
Back up databases and other important files
•
Install, run, and upgrade anti-virus software
•
Test your security measures
•
Assess, iterate, and improve security measures
•
Upgrade to FileMaker Pro 7 and FileMaker Server 7 for security enhancements
Each of these measures is detailed further in the rest of this chapter.
1. Ensure physical security
Evaluate your computers to make sure they are physically secure:
•
The host computer should be a dedicated machine, anchored to a desk or immovable object with
a lock. Secure the computer so that its hard drive cannot be removed. Restrict access to the
computer by storing it in a locked room.
•
Secure the client workstations that access a database. Lock the computers down and restrict
access by using a screensaver that requires a password.
•
Ensure the physical security of backup copies of files stored on portable media, such as tapes
and CDs.
2. Ensure operating system security
Use the security features of your operating system to restrict access to important data. The network
administrator should provide access only to individuals authorized to administer and maintain the
system or the FileMaker databases. In addition, they should:
•
Track system user IDs and passwords.
•
Restrict access to the FileMaker Pro application and file directories, servers, and web pages.
•
Review remote access settings for file sharing and FTP.
•
Restrict file upload or download access.
•
Make sure all users have the latest, most secure versions of operating system software.