Security Guide
Table Of Contents
- Chapter 1 About database security
- Chapter 2 Security “Top 10” list
- 1. Enhance physical security
- 2. Enhance operating system security
- 3. Establish network security
- 4. Devise a plan for securing your databases
- 5. Restrict data access with accounts and privilege sets
- 6. Back up databases and other important files
- 7. Install, run, and upgrade anti-virus software
- 8. Test your security measures
- 9. Assess, iterate, and improve security measures
- 10. Upgrade to FileMaker Pro 8 and FileMaker Server 8 for security enhancements
- Chapter 3 Build security into your solutions
Security “Top 10” list 11
• Determine if you need individual accounts for each user (recommended), or accounts that
multiple users can share (such as a “Marketing” or a “Sales” account).
It is possible to create a small number of accounts that are shared among many individuals (such
as a “Marketing” account and a “Sales” account). However, keep in mind that shared accounts
are a security risk. For better security, use individual accounts instead of shared accounts. If you
intend to use shared accounts anyway, make sure you limit the access capabilities of the privilege
sets that shared accounts use. Change the password occasionally, particularly when certain users
no longer require access.
• Decide if you want to enable the Guest account, which permits users to open the file without
logging in and providing account information. If you’re using the Guest account, assign the most
limited privilege set possible; otherwise, consider disabling it.
• Determine if you need to enable any extended privileges (for example, FileMaker Network
sharing or Instant Web Publishing) for certain privilege sets.
• Create the accounts you need in the file, and assign the appropriate privilege set to each account.
Consider developing a grid that lists the types of users and summarizes their privileges:
*You can provide limited access to some features, for example deleting records, by using record-
by-record privileges. For more information on record-by-record privileges, see FileMaker
Pro
Help.
5. Restrict data access with accounts and privilege sets
Use accounts and privilege sets to provide the most basic security method within FileMaker Pro
files. With accounts and privilege sets, you can limit what users can see and do in a database file.
You can restrict:
• File access: Require users to enter an account name and password in order to open a file.
• Data access: Make particular records or fields from individual tables view-only, or hide them
completely.
• Layout access: Prevent users from viewing or modifying layouts in Layout mode.
• Access to value lists and scripts: Prevent users from accessing and modifying value lists and
scripts, and from running scripts.
Type of
users
View
records
Create
records
Edit
records
Delete
records
Modify
scripts
Execute
scripts
Modify
Value lists Menus
Managers Yes Yes Yes Yes Yes Yes Yes All
Marketing Yes Yes Yes Limited* Limited* Yes No Editing only
Sales Yes Yes Yes Limited* No Yes No Editing only
HR Yes Yes Yes Yes Yes Yes No All
Legal Yes No No No No Yes No Minimum
Guests Yes No No No No No No Minimum