5.1 Security basics in FileMaker
The security of your database application is critical, especially if your application contains sensitive or business-critical information. In this chapter, we cover the basics of security in FileMaker, including user management, defining roles and privileges, and securing databases through encryption. These security measures will help you control access to your database and protect your data from unauthorized access.
Table of contents
Introduction to user administration
What is user management?
User management in FileMaker allows you to control who can access your database and what actions users are allowed to perform in the database. It is a central element of data security, as it ensures that only authorized persons can access certain data or use certain functions.
Create user accounts
- Access to the security administrationTo manage user accounts, open FileMaker and go to File > Manage > Security. This opens the dialog for the security settings of your database.
- Add user: In the security dialog, click on New user. Here you can enter the user name, password and other access information. You can also specify whether the user must change their password the first time they log in.
- Assignment of rolesAfter you have added a user, you must assign them a role. The role determines which actions the user is allowed to perform in the database. Roles and their associated privileges are discussed in detail in the next section.
- Set password guidelinesTo increase security, you should define password guidelines. This could include requirements for password length, complexity or the frequency of password changes.
Best practices for user administration
- Unique user accountsEnsure that each user has a unique account instead of using shared accounts. This makes it easier to track activities and increases security.
- Regular reviewCheck the list of users regularly and remove accounts that are no longer required, especially if employees have left the company.
- Use of two-factor authentication (2FA)If possible, implement 2FA to add an additional layer of security.
FileMaker ERP with integrated user administration
More information
Define roles and privileges
What are roles and privileges?
Roles (privileges) and privileges determine what users are allowed to do in the FileMaker database. A role is a collection of privileges assigned to a user or user group. Privileges define access to certain areas of the database, such as viewing, editing, deleting records or access to certain layouts, scripts and menus.
Creating roles
- Create authorizations in the security dialog: In the security dialog, go to Manage > Security > Advanced settings. Here you can create new roles or edit existing ones. Click on Newto create a new role.
- Set authorizationsSelect the privileges that are to be linked to the role. This includes access to tables, layouts, scripts and menus as well as the authorizations for creating, editing and deleting data records.
- Access rights to tables and layouts: Determine which tables and layouts users with this role are allowed to see and edit.
- Script authorizationsSpecify which scripts the user is allowed to execute. You can restrict access to certain scripts or only allow reading and execution.
- Assign menu sets: Determine which menus and menu options are visible and accessible to users.
- Assigning roles to usersOnce the role has been defined, you can assign it to the corresponding users or user groups. This ensures that each user only has the authorizations that are required for their work.
Adjustment of privileges
- Fine-tuning the privilegesYou can further customize the privileges to meet specific requirements. For example, you can restrict access to certain fields within a table or use complex calculations to control access.
- Use of calculations for accessIn some cases, it may be useful to use calculations to control access. For example, you could specify that a user may only access data records that they have created themselves:
If [Table::CreatedFrom = Get(AccountName)]
Show own dialog box ["Full access"]
Otherwise
Show own dialog box ["Access denied]
End If
Best practices for roles and privileges
- Principle of least privilegeOnly give users the rights they need for their work. This minimizes the risk of unintentional changes or security breaches.
- Regular reviewCheck the assignment of roles regularly and adjust the privileges if the user requirements change.
- Testing the rollersTest the new roles thoroughly to ensure that users have neither too many nor too few rights.
gFM-Business Open Source FileMaker Basis-ERP
The software for the crash course
Download for free
Securing databases through encryption
Why is encryption important?
Encryption is a central component of data security in FileMaker. It protects your data by converting it into an unreadable format that can only be recovered by entering the correct key. This is especially important if your database contains sensitive information or if the database is used on mobile devices or over the internet.
SSL encryption with the FileMaker Server
- SSL for data transmissionIf your database is used over the Internet or on a network, you should enable SSL (Secure Socket Layer) to encrypt the data during transmission. With FileMaker Server, use your own SSL certificate rather than the built-in default certificate. This protects the data from eavesdropping attempts and manipulation.
- Manage certificatesTo use SSL, you need a valid security certificate. FileMaker Server allows you to manage your own certificates or use a certificate issued by a certificate authority.
Best practices for encryption
- Use strong passwordsChoose a strong encryption password that is difficult to guess and is changed regularly.
- Safe handling of keysKeep encryption keys safe and only share them with authorized persons.
- Regular review and updatingCheck the encryption settings regularly and update the encryption if security requirements change.
Summary
The security of your FileMaker database should always be a high priority. By carefully managing users and roles, implementing encryption strategies, and regularly reviewing and adjusting your security policies, you can ensure that your data is protected from unauthorized access. These basics will help you to develop a secure and trustworthy database application that meets the requirements of modern security standards.
