Security Guide
Table Of Contents
- Chapter 1 About database security
- Chapter 2 Security “Top 10” list
- 1. Enhance physical security
- 2. Enhance operating system security
- 3. Establish network security
- 4. Devise a plan for securing your databases
- 5. Restrict data access with accounts and privilege sets
- 6. Back up databases and other important files
- 7. Install, run, and upgrade anti-virus software
- 8. Test your security measures
- 9. Assess, iterate, and improve security measures
- 10. Upgrade to FileMaker Pro 8 and FileMaker Server 8 for security enhancements
- Chapter 3 Build security into your solutions
Chapter 1
About database security
FileMaker
®
Pro software enables you to create databases that can be used individually, shared on a
peer-to-peer basis, shared using FileMaker Server, accessed via ODBC or JDBC, or shared within
an intranet or with Internet users. It is critical that you think about what data is being shared, what
types of vulnerabilities exist, and how to protect data and database files.
In some cases, data is not particularly sensitive, business-critical, or confidential, or the software
itself is used by one individual in a secure location, or in an open, trusting environment where
security considerations are not a concern. In most cases, however, data is business-critical or
sensitive, and you must take steps to protect it. You should plan and implement security measures
in all phases of design, testing, and deployment.
About this guide
•
This document addresses security concerns for FileMaker versions 7 and 8. For information on
security for previous versions of FileMaker Pro, download documents from
www.filemaker.com.
•
To keep current on FileMaker security issues, visit the FileMaker Security web site at
www.filemaker.com/support/security, where you can sign up to receive the FileMaker Security
newsletter.
•
For step-by-step information on FileMaker Pro features, including defining accounts and
privileges to protect database files, refer to FileMaker Pro Help.
•
FileMaker Pro documentation uses the term
web
publishing
to refer to databases that users can
access on the Internet or on an intranet using a web browser.
•
This guide uses “FileMaker Pro” to refer to both FileMaker Pro and FileMaker Pro Advanced,
unless describing specific FileMaker Pro Advanced features.
Important
You can download PDFs of FileMaker 8 documentation from www.filemaker.com/
downloads. Any updates to this document are also available from the web site.
Security goals
There are three general issues to consider in protecting your FileMaker databases:
•
Privacy
•
Integrity
•
Availability
Privacy of data
When designing and deploying any database, you have a responsibility to ensure that unauthorized
people cannot access the data.