Alexis Gehrt, FileMaker Konferenz 2015
Why FileMaker Pro is Secure?
In his 2015 FMK talk, Alexis Gehrt laid the groundwork by affirming that FileMaker Pro is fundamentally a secure platform, but warned that understanding and configuring security is essential to protecting sensitive data. While FileMaker Pro is built with a multi-layered security architecture, relying on defaults leaves vulnerabilities open to exploitation.
FileMaker’s Core Security Features:
- Role-Based Access: FileMaker allows developers to create roles with specific privileges, preventing unauthorized access to critical functions and data.
- Data Encryption: Built-in encryption options secure data both in transit and at rest.
- Granular Access Control: Privilege sets can be configured to provide or restrict access to specific records, layouts, and scripts.
While these features create a robust foundation, Gehrt emphasized the importance of proactivity in securing any FileMaker system.
Understanding the Security Environment: Global Threats and FileMaker
To provide context, Gehrt discussed the broader cybersecurity landscape, drawing attention to major breaches such as the Sony Hack and the Ashley Madison breach. These incidents highlighted vulnerabilities in systems that had previously been perceived as secure, underscoring the need to treat FileMaker systems with the same level of caution as other high-risk platforms.
- Port 5003 Scans: FileMaker Pro uses port 5003 for database access, which can easily be scanned by attackers. Gehrt recommended limiting exposure by implementing proper firewall rules and network segmentation to isolate the FileMaker Server from unnecessary external traffic.
Resources for security context:
- Norsecorp Cybersecurity Map: A real-time visualization of cyber attacks happening globally.
- Data Breach Visualization: Provides insights into how and where large-scale breaches have occurred.
Local File Security Risks: Tools and Exploits
Local file access presents a significant security risk, especially for databases not housed on servers. Gehrt demonstrated how tools like Lost Password could be used to bypass FileMaker’s native locking systems entirely, allowing unauthorized individuals to extract data from local copies of a database.
Key points discussed:
- Importance of server-hosted solutions: Hosting FileMaker databases on a secure server significantly reduces the risk of unauthorized access via local files.
- Tool exploitation: Commercial software tools like Lost Password make it trivial to bypass password protection, making local files a weak link in your security chain.
Best Practices:
- Always use server-hosted databases over local files to ensure robust security measures.
- Encrypt local files using FileMaker’s encryption at rest (EAR) for additional protection.
Best Practices for Account Management: Admins, Users, and Privilege Sets
One of the core recommendations from Gehrt was to carefully manage accounts, particularly admin and full-access accounts, which can pose serious risks if improperly handled. He suggested removing default admin accounts altogether or restricting them severely.
Account Management Guidelines:
- Least Privilege Principle: Ensure that users only have access to the features and data they need. Default admin accounts should either be removed or have their access significantly restricted.
- Privilege Set Creation: Take the time to create custom privilege sets tailored to specific roles in your organization, ensuring that each user or group has only the access they need.
In particular, Gehrt stressed the importance of keeping logs of admin access attempts and monitoring these logs for unusual activity, as admin accounts are frequent targets for malicious users.
External Linking, File Vulnerabilities, and Secure Practices
FileMaker’s external file linking functionality, particularly in versions before FileMaker 12, presented potential security issues. Files linked from external sources can introduce vulnerabilities if they aren’t managed properly.
Legacy Issues:
- Gehrt noted that before FileMaker 12, external links were prone to being exploited because of how file IDs were handled.
- Linked files, especially those with sensitive data, should be regularly reviewed to ensure they do not pose a security risk.
For modern solutions, Gehrt recommended:
- Isolate linked files on secured servers and disable guest access on those files if possible.
- Always check linked files to ensure their permissions and roles align with your current security posture.
Guest Accounts: Hidden Dangers and Safer Alternatives
One of the simplest yet most frequently overlooked vulnerabilities is the Guest Account. Gehrt explained that, while guest accounts are convenient, they pose a significant risk because they often have read access to all tables.
Key Advice:
- Disable the Guest Account in any production environment. It is highly vulnerable because attackers can potentially use it to access records without leaving a trace.
- Instead of guest access, use low-level user accounts that have limited permissions, such as access to a welcome screen or a locked table that contains no data.
By implementing these practices, you can minimize the risk of unauthorized access through weak guest account settings.
Using BaseElements for Advanced Field Encryption and Securing Data
Encryption is one of the best tools for securing data, and BaseElements, a widely used FileMaker plugin, offers advanced encryption capabilities that can be applied at the field level.
Gehrt demonstrated the use of AES encryption, a military-grade encryption standard, and recommended its use for any sensitive data fields.
Key Encryption Functions:
- BE_Encrypt_AES: This function allows for simple, yet robust encryption of text fields within FileMaker.
- BE_Decrypt_AES: Complements the encryption process, allowing encrypted data to be decrypted securely when needed.
Why Use AES Encryption?
- It’s free and server-capable, meaning you can apply this encryption to data at the field level without additional cost or complex infrastructure.
For more information, Gehrt pointed to BaseElements Plugin Documentation.
Password Standards, Directory Integration, and Full Access Security
Passwords are often the weakest link in any system, and Gehrt strongly recommended the use of complex passwords for all accounts, particularly Full Access accounts. For enterprise environments, integrating FileMaker with Open Directory (OD) or Active Directory (AD) helps enforce stricter password policies.
Key Points:
- Complexity and Rotation: Ensure all accounts, particularly those with Full Access privileges, use complex passwords (a mix of upper/lowercase letters, numbers, and symbols) and rotate them regularly.
- Integrating Directory Services: Connecting FileMaker to AD or OD ensures compliance with corporate password policies and enables single sign-on (SSO) for added convenience and security.
Additionally, FileMaker 14 introduced important security improvements that prevent unauthorized Full Access account creation, which had been a loophole in earlier versions.
Securing Scripts, Script Execution, and Preventing Remote Attacks
Scripts in FileMaker are highly functional but, if not properly secured, can be a gateway for attacks. Gehrt shared examples of how FileMaker scripts could be triggered remotely using the fmp URL protocol:
Example:
fmp://$/Database.fmp12?script=RunMe
Script Security Best Practices:
- Block execution for unauthorized users: Only allow script execution for specific privilege sets.
- Implement a guard clause in your scripts to ensure that they only run under the appropriate conditions.
Guard Clause Example:
# Stop unless the logged-in account's privilege set is "Admin"
If [ Get ( AccountPrivilegeSetName ) ≠ "Admin" ]
    Exit Script [ ]
End If
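With this guard at the top of a script, the script exits immediately unless the current account's privilege set is Admin, so triggering it remotely through an fmp URL as an unauthorized user has no effect.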
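As an added example (not from Gehrt's talk and not FileMaker's own code), the following Python script audits text such as intranet pages or e-mail templates for fmp:// links and flags those that run scripts outside an allowlist or carry embedded credentials. The allowlist, the host names and every sample link except the one shown above are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Hypothetical allowlist: scripts deliberately designed to be URL-callable.
URL_CALLABLE_SCRIPTS = {"OpenWelcomeScreen"}

FMP_URL = re.compile(r"fmp://[^\s\"'<>]+", re.IGNORECASE)

# Constructed sample text; only the first link appears in the talk summary.
SAMPLE = """
fmp://$/Database.fmp12?script=RunMe
fmp://admin:secret@fms.example.com/Sales.fmp12?script=Purge%20Records&param=all&$confirm=1
fmp://fms.example.com/Sales.fmp12?script=OpenWelcomeScreen
fmp://fms.example.com/Sales.fmp12
"""

def audit_fmp_url(url, allowed=URL_CALLABLE_SCRIPTS):
    """Describe one fmp:// URL and list what a reviewer should look at."""
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    script = query.get("script", [None])[0]
    findings = []
    if parts.password is not None:
        # account:password@host puts a credential in every copy of the link
        findings.append("embedded-credentials")
    if script is not None:
        if script not in allowed:
            findings.append("script-not-allowlisted")
        if "param" in query:
            findings.append("passes-script-parameter")
        if any(key.startswith("$") for key in query):
            findings.append("sets-local-variable")
    return {
        "host": parts.hostname,  # "$" means a file already open on the client
        "file": unquote(parts.path.lstrip("/")),
        "script": script,
        "findings": findings,
    }

def audit_text(text, allowed=URL_CALLABLE_SCRIPTS):
    """Audit every fmp:// URL found in a block of text."""
    return [audit_fmp_url(url, allowed) for url in FMP_URL.findall(text)]

if __name__ == "__main__":
    for result in audit_text(SAMPLE):
        print(result)
```

Every script the audit reports as not allowlisted is a candidate for the guard clause above or for a privilege set that cannot execute it.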
SSL/TLS Security for FileMaker Server: Implementation and Monitoring
Gehrt emphasized the importance of using SSL/TLS encryption to protect all communication between the FileMaker Server and its clients. From FileMaker Server 14, TLS 1.2 support ensures secure, encrypted communication.
SSL Best Practices:
- Always use a valid SSL certificate. Gehrt suggested avoiding self-signed certificates as they present risks, particularly in production environments.
- Monitor SSL traffic using tools like Wireshark to verify that sensitive data is encrypted as expected. Ensure that all traffic over port 5003 is encrypted.
Resources: Wireshark’s SSL/TLS Monitoring Tools.
Server Plugins, File Access, and Sandboxing for Safe Deployment
Server plugins provide enhanced functionality but also introduce potential vulnerabilities if not properly sandboxed. FileMaker’s plugin architecture ensures that plugins are isolated and limited in terms of file access. However, some plugins, such as BaseElements, can access sensitive system files, which can lead to potential breaches.
Gehrt’s Recommendations:
- Only install plugins from trusted developers.
- Regularly review plugin permissions and logs to ensure they aren’t overstepping their intended functionality.
By following these recommendations, you can minimize the risk associated with plugins and third-party tools.
Encryption At Rest (EAR), Data Security, and Local Backup Best Practices
One of FileMaker’s most powerful security features is Encryption At Rest (EAR), which ensures that data is encrypted on disk. This protects your data even if the physical media is compromised. Gehrt recommended enabling EAR for all databases containing sensitive or business-critical data.
EAR Best Practices:
- Use 256-bit AES encryption for all databases, ensuring that if backups or physical drives are compromised, the data is unreadable without the encryption key.
- Keep encryption keys in a secure, separate location. Ensure that only trusted personnel have access to these keys.
Testing Restores: Gehrt stressed the importance of regularly testing database restores from encrypted backups to ensure that encryption keys and backup processes work as expected.
Advanced Threat Mitigation Techniques: Real-time Monitoring and Auditing
Gehrt closed his presentation by introducing advanced techniques for mitigating real-time threats through active monitoring and auditing. He recommended tools that could be integrated into the FileMaker environment to log and track unauthorized access attempts, database changes, and unusual user behavior.
Tools Suggested:
- FileMaker Server Log Monitoring: Regularly check logs for suspicious activity, such as multiple failed login attempts or unauthorized script executions.
- Use third-party tools such as Wazuh for real-time behavior monitoring and intrusion detection.
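The log review recommended here, and the earlier advice to monitor admin access attempts, can be automated along these lines. This is an added example, not code from the talk or from FileMaker: the log lines are constructed and use an assumed, simplified tab-separated layout rather than FileMaker Server's actual log format, and the account names, threshold and window are hypothetical.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in an assumed layout:
# timestamp <TAB> client IP <TAB> account <TAB> database <TAB> outcome
SAMPLE_LOG = "\n".join([
    "2015-10-08 09:00:01\t10.0.0.21\tjsmith\tSales\tlogin_ok",
    "2015-10-08 09:01:10\t203.0.113.7\tAdmin\tSales\tlogin_failed",
    "2015-10-08 09:01:40\t203.0.113.7\tAdmin\tSales\tlogin_failed",
    "2015-10-08 09:02:05\t203.0.113.7\troot\tSales\tlogin_failed",
    "2015-10-08 09:03:00\t10.0.0.22\tmlee\tSales\tlogin_failed",
    "2015-10-08 09:20:00\t10.0.0.22\tmlee\tSales\tlogin_failed",
    "truncated line without tabs",
])

ADMIN_ACCOUNTS = {"admin"}      # hypothetical full-access account names
THRESHOLD = 3                   # failures per client before alerting
WINDOW = timedelta(minutes=5)   # sliding window for counting failures

def detect(log_text, threshold=THRESHOLD, window=WINDOW, admins=ADMIN_ACCOUNTS):
    """Return alerts for admin login failures and per-client failure bursts."""
    recent = defaultdict(deque)  # client IP -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 5:
            continue  # skip malformed or truncated lines
        ts_raw, ip, account, _database, outcome = fields
        if outcome != "login_failed":
            continue
        ts = datetime.strptime(ts_raw, "%Y-%m-%d %H:%M:%S")
        if account.lower() in admins:
            alerts.append(("admin-failure", ip, account, ts_raw))
        failures = recent[ip]
        failures.append(ts)
        while ts - failures[0] > window:
            failures.popleft()  # drop failures that fell out of the window
        if len(failures) == threshold:
            # fires once when the threshold is reached, not on every later line
            alerts.append(("burst", ip, account, ts_raw))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```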
Conclusion
Gehrt’s presentation at FMK 2015 emphasized the multi-layered approach required to secure FileMaker deployments in a modern digital environment. By combining basic security principles such as account management and encryption with advanced monitoring tools, FileMaker administrators can maintain secure environments while minimizing the risk of data breaches.
For those interested in further exploration of these topics, Gehrt recommended continuing to follow updates from the FileMaker Community and other trusted resources.