David Head, FileMaker DevCon 2012
Database security is an essential but often overlooked aspect of system development, typically only considered in the final stages before deployment. In his 2012 DevCon session, David Head emphasized the need for security planning to begin at the initial stages of database development and to be regularly revisited throughout the lifecycle of the solution. This blog post expands on key insights shared in the session, focusing on various elements of FileMaker security, from privilege management to encryption, with practical advice for securing both FileMaker Pro and FileMaker Go solutions.
The Importance of Security in FileMaker Solutions
As database solutions become increasingly complex, security becomes a critical concern for developers, administrators, and businesses. In David Head’s session, he stressed the importance of integrating security into every step of the FileMaker solution development process. Here’s why security must be a priority from day one:
1. Compliance with Industry Regulations
Many industries, including healthcare, finance, and government, require compliance with specific regulations that mandate stringent data protection protocols. Examples include:
- HIPAA (Health Insurance Portability and Accountability Act): Healthcare organizations must ensure that patient data remains confidential, and strong encryption is required both at rest and during transmission.
- GDPR (General Data Protection Regulation): In the EU, GDPR mandates strict controls on personal data handling, including encryption, access control, and breach notifications.
- PCI DSS (Payment Card Industry Data Security Standard): Businesses handling credit card data must adhere to PCI DSS, which mandates encryption, strong authentication, and regular security audits.
Failure to comply with these regulations can result in hefty fines, legal action, and loss of business reputation. Starting with security-first design ensures compliance with these legal obligations and keeps your business safe.
2. Protection Against Internal and External Threats
Database breaches often occur due to internal vulnerabilities, including weak passwords, poorly managed privileges, and improper file access. Security is essential to protect data from both external cyber threats, such as hackers, and internal threats, including malicious employees or inadvertent errors. Ensuring that proper access controls, encryption, and monitoring are in place can prevent unauthorized data access or manipulation.
3. Data Integrity and Business Continuity
Data is one of the most valuable assets a business owns. Without proper security measures, the integrity of that data can be compromised, leading to inaccurate records, fraudulent transactions, or corrupted files. Additionally, a successful cyberattack can lead to system downtime, data loss, and operational disruptions that affect business continuity.
By considering security throughout the development process, from design to deployment and ongoing management, businesses can safeguard their critical data, ensure availability, and build a robust defense against potential threats.
What Security Is – and What It Isn’t
There are common misconceptions about what constitutes true security in a FileMaker solution. David Head’s session addressed several common pitfalls developers fall into, mistaking UI design decisions for genuine security mechanisms.
Misconceptions About Security
- Hiding Fields or Data: Simply removing fields from a layout does not mean the data is secure. Users can still access this data through exports, scripts, or by creating new layouts. It is crucial to implement proper access control through privilege sets, not just by obscuring data from view.
- Conditional Formatting: Making fields or text invisible using conditional formatting may make data harder to see, but it doesn’t restrict access. Data remains accessible through other means, such as copy-pasting or exporting.
- Custom Menus: Removing menu options like “Export Records” from the interface may limit user interactions, but it does not block users from accessing those features via scripts, or by accessing FileMaker directly. Custom menus should not be relied upon as the sole security measure.
- Default Logins or Scripted Credential Handling: Relying on default accounts or scripted processes to handle user authentication without securing the database at the file level is a weak approach. Hackers or unauthorized users could bypass these scripts and gain access directly.
True Security Measures
True security in FileMaker requires several layers of protection that go beyond superficial changes to the user interface. The following are essential components of a robust security system:
- Account Management: Each user must have a distinct account with a unique username and strong password. Authentication should be enforced at the account level, using the most secure methods available, such as external authentication or OAuth integration.
- Privilege Sets: Control what users can see and do in the system. Privilege sets allow for granular control over what actions a user can perform (e.g., read-only access, edit records, delete data) and what layouts, scripts, or fields they can interact with.
- Encryption: Encrypting data both at rest and in transit ensures that sensitive information remains secure even if the physical device or database file is stolen. FileMaker supports Encryption at Rest (EAR) using AES-256 encryption, which protects data stored on disk.
- Auditing and Logging: Logging user activities and changes in the system allows administrators to monitor access and track any suspicious activity, ensuring accountability for actions taken within the database.
These strategies provide real security, ensuring that your FileMaker solution remains protected against both internal errors and external attacks.
Deep Dive into File Access Security
File Access Security is a fundamental aspect of securing a FileMaker solution. It is important to control not only who can access your files but also what they can do once they have access. David Head covered critical components of file access security and how FileMaker’s account management and privilege sets contribute to a secure solution.
1. Managing Accounts and Privilege Sets
In FileMaker, every user must be authenticated through an account, and each account is linked to one or more privilege sets that define what actions a user is allowed to perform. These privilege sets provide fine-grained control over access to records, layouts, scripts, and other elements.
- Accounts: Each account is associated with a username and a password, which users must enter to access the database. FileMaker provides built-in user authentication or the option to use external authentication via Active Directory (AD) or Open Directory (OD) for centralized user management.
- Privilege Sets: Privilege sets define which layouts, fields, and records a user can access, as well as what they can do (e.g., read, edit, delete). Customizing privilege sets allows you to restrict sensitive operations, such as exporting data or printing records, to specific users.
2. File Access in Multi-File Solutions
In multi-file FileMaker solutions, it’s essential to ensure that file access security is consistent across all files. FileMaker allows users to reuse their credentials when accessing different files, but inconsistent privilege sets or security settings between files can create vulnerabilities.
- Cross-File Account Consistency: Ensure that accounts and privilege sets are synchronized across files to avoid creating gaps in security where users may have unintended access.
- Shared IDs: If multiple files are part of the same solution, consider using Shared IDs to allow users to open multiple files without re-entering their credentials for each file. Shared IDs streamline access management but must be configured carefully to maintain security across all files.
3. External Authentication and Single Sign-On (SSO)
For large organizations, using external authentication provides a more scalable and secure method for managing user access. By integrating FileMaker with Active Directory or Open Directory, administrators can enforce enterprise-wide security policies, including single sign-on (SSO), password complexity rules, and account expiration.
- Benefits of External Authentication:
  - Centralized management of user accounts.
  - Consistency in password policies, such as requiring frequent changes or stronger password criteria.
  - Simplified login process, where users only need to remember one set of credentials for all systems.
By configuring accounts and privilege sets correctly and leveraging external authentication where possible, you can ensure that your FileMaker system remains secure against unauthorized access.
Extended Privileges and Their Key Role in Security
Extended privileges in FileMaker are an additional layer of security that controls how users interact with the system beyond basic data access. Extended privileges allow developers to configure specialized security features, such as enabling or restricting access to FileMaker Go or web-based interfaces.
1. Default Extended Privileges
FileMaker comes with a range of default extended privileges that manage different types of access. Some of the most important ones include:
- fmapp: Grants users access to the database via FileMaker Pro or FileMaker Go. This is the most common extended privilege, as it is necessary for general access.
- fmiwp: Allows access to the database via FileMaker WebDirect, enabling users to interact with the system through a web browser. This privilege should only be enabled for users who require web access, as WebDirect introduces additional security concerns.
- fmxml and fmphp: Enable XML or PHP access to the database, allowing integration with web applications or external systems. These privileges should be enabled with caution, as they open additional data endpoints.
- fmxdbc: Enables access via ODBC or JDBC, allowing the FileMaker database to connect with external reporting tools or other databases. This should only be enabled for users who require external data access.
2. Custom Extended Privileges
FileMaker allows developers to create custom extended privileges for even more specific control over user interactions. For example, you can define custom privileges to control:
- Access to specific scripts: You can create an extended privilege that restricts users from running certain scripts, ensuring that only authorized users can execute sensitive operations.
- Access to layouts or data views: Custom extended privileges can restrict access to specific layouts or reports, protecting sensitive data from being viewed or edited by unauthorized users.
3. Extended Privileges for FileMaker Go
FileMaker Go, the mobile version of FileMaker, introduces additional security concerns. To address these, FileMaker offers extended privileges specific to mobile use. One of the most important is fmreauthenticate.
- fmreauthenticate: This extended privilege enforces re-authentication after a defined period of inactivity. For example, after 10 minutes of inactivity, the user must re-enter their credentials to regain access. This prevents unauthorized access in case the mobile device is lost or stolen.
- Time-Based Restrictions: Administrators can configure how long the system waits before requiring re-authentication. This ensures that sensitive data remains protected even if a device is left unattended.
By using default and custom extended privileges, you can enhance the security of your FileMaker solution, ensuring that users have only the access they need to perform their tasks, while minimizing unnecessary exposure to risks.
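The review this section and the multi-file section above call for can be run as a script. The following is an added example, not code from the session or from FileMaker: it audits a constructed inventory of accounts, privilege sets and extended privilege keywords, as an administrator might transcribe them from each file's security settings. The inventory layout, file names, account names and the `APPROVED_ENDPOINTS` allowlist are assumptions.

```python
from collections import defaultdict

# Keywords named in this post that open a data path beyond the Pro/Go client.
ENDPOINT_KEYWORDS = {"fmiwp", "fmxml", "fmphp", "fmxdbc"}

# Constructed inventory (assumption): file -> account -> (privilege set, keywords).
# On a real file the re-authentication keyword carries the timeout in minutes
# as a suffix, e.g. fmreauthenticate10, so it is matched by prefix below.
INVENTORY = {
    "Sales.fmp12": {
        "alice": ("Data Entry", {"fmapp", "fmreauthenticate10"}),
        "bob": ("Manager", {"fmapp", "fmxdbc"}),
        "report_svc": ("Reporting", {"fmxdbc"}),
    },
    "Invoices.fmp12": {
        "alice": ("Manager", {"fmapp", "fmreauthenticate10"}),
        "bob": ("Manager", {"fmapp", "fmxml"}),
    },
}

# Assumption: (account, keyword) pairs the solution owner has signed off on.
APPROVED_ENDPOINTS = {("report_svc", "fmxdbc")}


def audit(inventory, approved):
    """Return a sorted list of (check, account, detail) findings."""
    findings = []
    by_account = defaultdict(dict)
    for fname, accounts in inventory.items():
        for account, (pset, keywords) in accounts.items():
            by_account[account][fname] = pset
            # Web, XML, PHP or ODBC/JDBC access enabled without sign-off.
            for kw in sorted(keywords & ENDPOINT_KEYWORDS):
                if (account, kw) not in approved:
                    findings.append(("unapproved-endpoint", account, f"{fname}:{kw}"))
            # Client access (fmapp) with no re-authentication timeout.
            reauth = any(k.startswith("fmreauthenticate") for k in keywords)
            if "fmapp" in keywords and not reauth:
                findings.append(("no-reauth", account, fname))
    for account, psets in by_account.items():
        # Same account, different privilege set depending on the file.
        if len(set(psets.values())) > 1:
            detail = ", ".join(f"{f}={p}" for f, p in sorted(psets.items()))
            findings.append(("privilege-mismatch", account, detail))
        # Account defined in some files of the solution but not in others.
        missing = sorted(set(inventory) - set(psets))
        if missing:
            findings.append(("missing-account", account, ", ".join(missing)))
    return sorted(findings)


if __name__ == "__main__":
    for check, account, detail in audit(INVENTORY, APPROVED_ENDPOINTS):
        print(f"{check:20} {account:12} {detail}")
```

On the constructed inventory this reports six findings, including that `alice` holds a different privilege set in each file and that `bob` has ODBC/JDBC and XML access nobody approved.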
Ensuring the Security of FileMaker Go and FileMaker Server
David Head emphasized the importance of securing both FileMaker Go (for mobile users) and FileMaker Server (for multi-user hosted solutions). Each platform introduces specific challenges that require careful configuration to protect sensitive data.
1. Securing FileMaker Go for Mobile Users
FileMaker Go is a powerful tool that allows users to access and interact with databases on iOS devices. However, mobile devices are inherently more vulnerable to theft, loss, and unauthorized access. To address these challenges, the following security measures should be implemented:
- Re-Authentication: As mentioned, the fmreauthenticate extended privilege forces users to re-enter their credentials after a period of inactivity. This ensures that if a mobile device is lost or left unattended, unauthorized individuals cannot access sensitive data.
- Encryption at Rest: Any data stored locally on the mobile device should be encrypted. FileMaker offers AES-256 encryption, which ensures that even if the device is compromised, the data remains secure.
- Restricting Offline Access: To minimize the risk of data exposure, consider limiting offline access to sensitive areas of the database. Users accessing the system offline should have read-only access, or access to a subset of the data, reducing the risk of data theft.
- Device Security: Encourage users to enable device encryption and use strong passcodes for their mobile devices. FileMaker Go’s security is only as strong as the device it’s running on, so protecting the device itself is crucial.
2. Securing FileMaker Server for Multi-User Solutions
For databases hosted on FileMaker Server, it’s essential to secure the server environment and protect connections between the server and client devices. The following best practices ensure that FileMaker Server is properly secured:
- SSL Encryption: All communication between clients and FileMaker Server should be encrypted using SSL certificates. This ensures that data is protected from interception during transmission over the network.
- Administrator Groups: Use Administrator Groups to delegate server management responsibilities. By assigning specific users to groups with defined privileges, you can limit access to critical server functions and ensure that sensitive settings aren’t accidentally changed.
- IP Address Restrictions: For added security, limit access to the FileMaker Server Admin Console based on IP address. This ensures that only trusted devices can log in and make configuration changes.
- Regular Updates and Patching: Ensure that the FileMaker Server is kept up to date with the latest security patches. Regular updates help protect the system from known vulnerabilities and improve overall performance.
By securing both mobile and server environments, businesses can protect their data and maintain the integrity of their FileMaker systems, whether users are accessing data on-site or remotely.
Comprehensive Best Practices for Database Security
A well-secured FileMaker solution requires a combination of planning, configuration, and ongoing management. David Head provided a set of best practices to help developers and administrators secure their databases effectively.
1. Implement Role-Based Access Control (RBAC)
Use role-based access control to assign users specific roles based on their job functions. This ensures that users only have access to the data and features they need to perform their tasks.
- Fine-Tuning Privileges: Avoid granting broad privileges. For example, give users read-only access if they do not need to edit records, and disable the ability to export data unless it is required.
2. Use Encryption Everywhere
Encrypt sensitive data both at rest and in transit to ensure that it remains secure, even if the database file or server is compromised.
- Encryption at Rest (EAR): FileMaker’s AES-256 encryption at rest ensures that data stored on disk is protected.
- SSL/TLS Encryption: Secure client-server communication by using SSL encryption to protect data from eavesdropping or interception during transmission.
3. Secure Authentication Methods
Use secure authentication methods to ensure that only authorized users can access the database.
- Strong Password Policies: Enforce strong password policies, including requiring complex passwords and regular password changes.
- Two-Factor Authentication (2FA): While FileMaker does not natively support 2FA, consider integrating third-party solutions that add an additional layer of protection during login.
4. Regularly Audit User Access
Conduct regular audits of user accounts, privilege sets, and extended privileges to ensure that security configurations remain appropriate. Users’ access needs may change over time, so it’s essential to regularly review and adjust their access rights.
- Audit Logs: Monitor logs to track user activities and detect any suspicious behavior. Auditing logs regularly can help detect unauthorized access or potential security breaches.
5. Plan for Incident Response
Develop an incident response plan that outlines the steps to take in case of a security breach. The plan should include:
- Notification Procedures: Ensure that affected parties, such as users or regulators, are notified of breaches promptly.
- Data Recovery: Have a backup and recovery plan in place to restore lost or corrupted data.
- Root Cause Analysis: Conduct a root cause analysis to identify how the breach occurred and what steps can be taken to prevent it from happening again.
By following these best practices, businesses can ensure that their FileMaker solutions remain secure and resilient against cyber threats.
Ongoing Auditing and User Training for Secure Systems
Security is not a one-time setup; it requires continuous monitoring, auditing, and user education to ensure that systems remain protected as threats evolve. David Head emphasized the importance of ongoing auditing and training to maintain a secure FileMaker environment.
1. Regular Security Audits
Conducting regular security audits helps identify potential vulnerabilities before they can be exploited. These audits should include:
- Reviewing Privilege Sets: Ensure that privilege sets are appropriately configured for all users. Over-privileged accounts are a common source of security vulnerabilities.
- Monitoring Account Activity: Use audit logs to monitor user activity and detect any unusual behavior. Unexpected access patterns, such as users attempting to access restricted areas, may indicate an ongoing breach.
- Updating Security Configurations: As your FileMaker solution evolves, so too should your security configurations. Ensure that security settings are updated to reflect changes in business processes, new users, and updated technology.
2. User Training and Awareness
One of the most significant security risks is user behavior. Even the most secure system can be compromised by a user falling for a phishing attack or using weak passwords. Regular training can mitigate this risk by educating users on security best practices.
- Password Management: Teach users the importance of using strong passwords and never sharing them with others. Implement password managers to help users generate and store strong passwords securely.
- Phishing Awareness: Phishing attacks remain one of the most common ways that hackers gain access to secure systems. Training users to recognize phishing emails and avoid clicking on suspicious links can significantly reduce the risk of a security breach.
By continuously auditing your system and training users on security best practices, you can ensure that your FileMaker solution remains secure in the long term.
Key Takeaways and Actionable Security Steps
David Head’s session on FileMaker security provided invaluable insights into building and maintaining a secure FileMaker environment. Here are the key takeaways:
- Start Security Planning Early: Security should be considered from the very beginning of the development process, not left until the final stages before deployment.
- Use Privilege Sets and Accounts to Control Access: Define roles and responsibilities carefully, and assign users the minimum level of access required to perform their duties.
- Leverage Extended Privileges: Use extended privileges to manage how users access your system, especially when dealing with mobile or web access.
- Secure FileMaker Go and FileMaker Server: Mobile devices and server-based solutions require additional security considerations, including encryption, re-authentication, and SSL for secure communications.
- Follow Security Best Practices: Implement role-based access control, encryption, strong authentication, and regular audits to keep your FileMaker solutions secure.
By following these actionable steps, developers and administrators can ensure that their FileMaker systems are protected from both internal and external threats, maintaining the integrity and confidentiality of their data.
This expanded blog post provides an in-depth analysis of David Head’s DevCon 2012 session on FileMaker security. By implementing the security strategies discussed, developers can protect their FileMaker solutions from potential threats and ensure compliance with industry standards. Continuous auditing and user education are essential to maintaining security throughout the lifecycle of a FileMaker solution.
DevCon 2012 – COR005 – FileMaker Security David Head (FileMaker, Inc.)