FileMaker 8 ® Security Guide
© 2004–2005 FileMaker, Inc. All Rights Reserved. FileMaker, Inc. 5201 Patrick Henry Drive Santa Clara, California 95054 FileMaker is a trademark of FileMaker, Inc., registered in the U.S. and other countries, and ScriptMaker and the file folder logo are trademarks of FileMaker, Inc. All persons and companies listed in the examples are purely fictitious and any resemblance to existing persons and companies is purely coincidental. FileMaker documentation is copyrighted.
Contents Chapter 1 About database security About this guide Security goals Potential threats to your data Planning security 5 5 6 7 Chapter 2 Security “Top 10” list 1. Enhance physical security 2. Enhance operating system security 3. Establish network security 4. Devise a plan for securing your databases 5. Restrict data access with accounts and privilege sets 6. Back up databases and other important files About FileMaker Pro file recovery 7. Install, run, and upgrade anti-virus software 8.
FileMaker Security Guide
Chapter 1 About database security FileMaker® Pro software enables you to create databases that can be used individually, shared on a peer-to-peer basis, shared using FileMaker Server, accessed via ODBC or JDBC, or shared within an intranet or with Internet users. It is critical that you think about what data is being shared, what types of vulnerabilities exist, and how to protect data and database files.
FileMaker Security Guide Integrity of data Design a system open enough to allow authorized users to create and update data while preventing unintentional changes. You must also restrict access to unauthorized people who might try to tamper with the files. Unfortunately, there are individuals who might attempt to access your information systems and steal corporate assets. Availability of data Databases should only be available to users as necessary.
About database security 7 Planning security Start by mastering the FileMaker Pro built-in security features: accounts and privilege sets. Plan on taking a flexible, multi-layered, and iterative approach to security. • Your security plan should be flexible enough to consider an individual’s unique data access requirements.
FileMaker Security Guide
Chapter 2 Security “Top 10” list Be sure that your database files, host computers, workstations, and the networks that access them are safe from theft and corruption. This chapter covers ten security measures that you can implement to protect your data and equipment.
FileMaker Security Guide • To streamline processes, you can enable external authentication, which uses accounts that have been configured in the Windows Domain Authentication or in Apple OpenDirectory. For more information, see “Security enhancements in FileMaker Server” on page 15. • Do not put FileMaker Pro files on file servers to share them. Use the built-in networking feature in FileMaker Pro and FileMaker Server.
Security “Top 10” list 11 • Determine if you need individual accounts for each user (recommended), or accounts that multiple users can share (such as a “Marketing” or a “Sales” account). It is possible to create a small number of accounts that are shared among many individuals (such as a “Marketing” account and a “Sales” account). However, keep in mind that shared accounts are a security risk. For better security, use individual accounts instead of shared accounts.
FileMaker Security Guide • Outputting data: Prevent users from printing or exporting data. • Menu access: Make only a limited set of menu commands available. When files are restricted with accounts, users must know the account name and password before opening or connecting to a database. The account name and password they enter determines which privilege set will be used, which limits what they can do in a file.
Security “Top 10” list 13 • Make sure backup copies aren’t damaged or inaccessible. Verify that they are functioning properly before you need them. Run diagnostic tools on your hard drive and your backup files regularly. • Ensure that you can restore an entire set of files from backup copies. • Regularly export the data to protect against file corruption. • Protect the backup media itself. Store backups in a separate and fire-proof location.
FileMaker Security Guide 7. Install, run, and upgrade anti-virus software Because most computers have Internet access, they are vulnerable to viruses being transmitted through email attachments. Make sure all employees run anti-virus checking software regularly, and that they are aware of typical virus warning signs. Employees should scan all files before copying or downloading them to their computer, and they should never open unsolicited attachments, even if they’re from someone they know.
Security “Top 10” list 15 • How damaging would its loss or disclosure be? • What is the minimum level of security to prevent loss or disclosure? • What tools can I use to implement that security? To assess security, enable log files in FileMaker Pro and FileMaker Server and review users’ actions. You can also track actions if you include scripts and calculations that capture the user’s account name, password, and IP address. 10.
FileMaker Security Guide • You can enable and disable specific extended privileges, such as Instant Web Publishing, XML, and XSLT for the Web Publishing Engine. For example, if you know that all files on one server will be shared with Instant Web Publishing, you can disable all other types of web publishing. Even if a file includes extended privileges that allow access to XML data, access to XML data is not available while the file is hosted with that Web Publishing Engine.
Chapter 3 Build security into your solutions Developers and network administrators must assume the responsibility for managing security in the design and deployment of their database files, and for managing security on a routine basis. Restrict access with accounts and privilege sets The primary way to protect your files is to define accounts and privileges in FileMaker Pro. It’s a good practice to restrict access to every file, with an Admin password that only you know.
FileMaker Security Guide Tips for restricting file access • Avoid automatically logging in with an account name and password specified in the File Options dialog box. • Using the same password in each file is often convenient when users must interact with several solution files in once session. This no longer works when users change their own password (unless they change them in all files). When you create accounts, you must create them in all solution files.
Build security into your solutions 19 Tips for creating effective passwords • Secure passwords are more than eight characters in length, and include mixed upper and lowercase letters and at least one numeric digit. Consider combining two unrelated words, and swapping letters out for numbers, for example, b0att!me (swapping a zero for “o” and an exclamation point for an “i”). • If files are web-published, account names and passwords should only use printable ASCII characters, for example a-z, A-Z, and 0-9.
FileMaker Security Guide Web publishing security considerations FileMaker Pro software enables you to publish databases to your intranet or the Internet, so that users can browse, search, and update the databases using web browser software. This introduces more risk than sharing files with other FileMaker Pro clients. Tips and considerations when designing databases for web publishing 1. Define accounts and privilege sets. • Protect all files with user names and passwords.
Build security into your solutions 21 7. Consider the results of scripts. • If a script includes a step to delete records, and a web user opens the file with an account that doesn’t allow record deletion, the step to delete records won’t be executed. However, the script might continue to run, which could lead to unexpected results.
FileMaker Security Guide 11. If you are hosting web-published databases with FileMaker Server Advanced, you can use additional security measures like SSL encryption that may be available with your web server application. For more information, see “Using Secure Sockets Layer (SSL) security for web publishing” on page 23. You can also disable the web publishing technologies that you are not using. For more information, see the FileMaker Server Advanced Web Publishing Installation Guide. 12.
Build security into your solutions 23 • Review settings for remote access, such as file sharing and FTP, to ensure that direct access to upload or download files from the host computer are restricted in a manner that prevents inappropriate access to your files. • When you host a FileMaker Pro database using TCP/IP, you might be allowing uninvited visitors access to your host computer and internal network.
FileMaker Security Guide About wireless networks Another security vulnerability to be aware of are 802.11x wireless networking devices, also called “Wi–Fi” connections, which include: • a station (or the device with the 802.
