FileMaker Security : Protect Your Data

Dimitris Kokoutsidis 18 mins0

Michael Westendorf, Jul 8, 2015, DBServices blog

Source: https://dbservices.com/blog/filemaker-safety-checklist

Menu of Chapters

  • #tag1 – Introduction to FileMaker Security
  • #tag2 – Overview of FileMaker Security Practices
  • #tag3 – Configuring Your FileMaker File for Security
  • #tag4 – FileMaker Server Security Best Practices
  • #tag5 – Managing File-Level Security
  • #tag6 – Advanced Scripting Techniques for Enhanced Security
  • #tag7 – Web Forms and FileMaker Injection Risks
  • #tag8 – Security Industry Trends
  • #tag9 – Best Practices Checklist
  • #tag10 – Conclusion

FileMaker Security: Protect Your Data

#tag1 Introduction to FileMaker Security

In the digital age, securing data is no longer optional—it’s a fundamental requirement. FileMaker, with its versatility as a database management platform, offers a variety of security features, but these must be configured properly to effectively protect sensitive information. This comprehensive guide dives deep into the various layers of FileMaker security, highlighting practices to ensure data integrity and privacy. From server setup to scripting nuances, we’ll explore how to shield your database from unauthorized access and potential threats.

#tag2 Overview of FileMaker Security Practices

The landscape of IT security is constantly evolving, with data breaches affecting businesses of all sizes. FileMaker users must be proactive, implementing strategies tailored to their specific needs and organizational culture. This section covers general guidelines:

  • Data Breach Awareness: Major incidents involving companies like Target or Anthem emphasize the importance of data protection. A secure FileMaker deployment involves a well-rounded understanding of potential threats, ranging from brute-force attacks to injection vulnerabilities.
  • Building a Security Policy: FileMaker security should not be seen as a one-size-fits-all. Each organization should develop a security policy that aligns with its tolerance for risk. This involves defining privilege sets, using encryption, and choosing whether to rely on external authentication systems.
  • Components of FileMaker Security: Key areas include disabling default accounts, setting up strong passwords, encrypting data, and configuring FileMaker Server. These elements create multiple barriers against unauthorized access, protecting the database from multiple attack vectors.

#tag3 Configuring Your FileMaker File for Security

Proper configuration is the first line of defense for securing a FileMaker solution:

Disabling Default Accounts

  • Step 1: Remove or disable the default Admin account that comes with full access. This account is well-known and can be a prime target for unauthorized access.
  • Step 2: Replace it with a unique, descriptive account name that is harder to guess, using a complex password with a mix of uppercase letters, lowercase letters, numbers, and special characters.
  • Step 3: Use passphrases instead of single-word passwords to increase complexity without sacrificing usability.

Set Minimum Version Requirements

  • Step 1: In FileMaker’s File Options, specify the minimum version that users must have to open the file. This prevents outdated clients from connecting, which may lack modern security updates.
  • Step 2: Regularly review and update the minimum version requirement after major FileMaker updates.

Control Credential Storage

  • Step 1: FileMaker allows credentials to be stored in local keychains. Disable this feature to prevent unauthorized access if a user’s machine is compromised.
  • Step 2: Educate users on secure password practices and encourage them to use password managers instead of storing credentials locally.

External Authentication Configuration

  • Step 1: If your organization utilizes a directory service (e.g., Active Directory, Open Directory), integrate FileMaker with this service.
  • Step 2: Manage user accounts centrally through your directory service. This ensures that any changes, like employee departures, are immediately reflected in FileMaker access rights.
  • Step 3: Assign user groups based on their roles to streamline privilege management.

Encryption at Rest

  • Step 1: Activate AES-256 encryption for all files. This ensures that if a file is stolen or copied, it remains protected without the decryption password.
  • Step 2: Periodically change the encryption password, and enforce multi-factor authentication when sharing it with team members.
  • Step 3: Ensure backups are also encrypted, as they can be a vulnerability if not properly secured.

#tag4 FileMaker Server Security Best Practices

The server environment is critical to a secure FileMaker solution. A properly configured FileMaker Server can prevent a variety of attacks:

Remove Default Sample Files

  • Step 1: Older versions of FileMaker Server include a sample file with default admin credentials. Remove this file entirely, as it poses a security risk.
  • Step 2: In later versions, double-check that even protected sample files are not accessible unless needed for a specific purpose.

Visibility Controls for Databases

  • Step 1: Utilize FileMaker Server’s settings to hide databases from view in the “Open Remote” dialog. This prevents users from browsing databases they should not access.
  • Step 2: Limit database visibility to authorized users only, reducing the risk of unwanted probing.

Enabling SSL

  • Step 1: Configure SSL to encrypt data transfers. Always opt for a custom SSL certificate instead of the default FileMaker one, which is intended only for development.
  • Step 2: Verify the SSL certificate through a trusted certificate authority (CA) to avoid security warnings and enhance trustworthiness.

Use of Non-Standard Ports

  • Step 1: Consider changing the default communication ports (e.g., 5003 for FileMaker traffic) to non-standard alternatives, complicating automated attack attempts.
  • Step 2: Inform internal teams and stakeholders of the port changes to avoid confusion during initial access.

IP-Based Admin Console Access

  • Step 1: Restrict access to the Admin Console based on trusted IP addresses, ensuring that only authorized personnel can manage server settings.
  • Step 2: Implement two-factor authentication for Admin Console login to add an additional security layer.

#tag5 Managing File-Level Security

Proper file-level security controls access and prevents unauthorized data exposure:

Building Custom Privilege Sets

  • Step 1: Instead of using default privileges like “Full Access” or “Read-Only,” create custom privilege sets that match your organization’s specific needs.
  • Step 2: Define access based on roles, such as Manager, Sales, or Technician, each with tailored permissions for data visibility and manipulation.
  • Step 3: Include conditional access rules. For example, limit viewing of profit fields to managerial roles using Get ( AccountName ) calculations.

Record-Level Access Controls

  • Step 1: Use FileMaker’s calculation engine to enforce record-level security, making certain records visible only to users with appropriate privileges.
  • Step 2: Avoid using global variables for setting user access since they can be manipulated by advanced users through the Data Viewer.

Field-Level Restrictions

  • Step 1: Sensitive fields like salary or medical information should be hidden from unauthorized users. Customize field permissions based on the role.
  • Step 2: Utilize conditional field visibility to ensure only relevant data is visible per user role.

Script Execution Rights

  • Step 1: Limit the ability to execute scripts to specific privilege sets, reducing the risk of accidental or malicious actions.
  • Step 2: Implement safeguards (guard clauses) within scripts that check conditions before proceeding, such as verifying that the user has the correct role.

#tag6 Advanced Scripting Techniques for Enhanced Security

FileMaker scripts are both powerful and potentially dangerous if not managed correctly:

Using Guard Clauses Effectively

  • Step 1: Add an initial check in critical scripts to verify the user’s role or context. If the user lacks the required privileges, halt the script.
  • Step 2: Pass security tokens or UUIDs as script parameters. Validate these tokens at the start of each script to ensure they match expected values.

Avoid Global Variables for Security Checks

  • Step 1: Never store security-related flags in global variables; instead, use fields tied to user sessions.
  • Step 2: Ensure that all sensitive script conditions are stored within calculation fields or locked tables.

Field-Level Encryption

  • Step 1: Encrypt fields storing sensitive data, such as credit card numbers, using specialized plugins like BaseElements or MBS.
  • Step 2: Consider combining encrypted fields with calculation fields that decrypt the data only when accessed by authorized users.

Data Viewer Risks

  • Step 1: If a user has access to FileMaker Pro Advanced, they can manipulate global variables via the Data Viewer. Minimize this risk by enforcing record-level security.

Monitoring and Audit Scripts

  • Step 1: Implement scripts that log user actions and changes, storing logs in a protected table with restricted access.
  • Step 2: Regularly review logs to detect unauthorized attempts to execute scripts or access restricted data.

#tag7 Web Forms and FileMaker Injection Risks

Interfacing FileMaker databases with web forms requires extra caution:

Sanitizing Input Data

  • Step 1: Always validate user input, rejecting unexpected characters, such as wildcard symbols (*), which can be used for injection attacks.
  • Step 2: Use Get ( ScriptParameter ) and pre-defined variables to control what values are acceptable, reducing the risk of malformed searches.

Handling Search Parameters Securely

  • Step 1: Avoid using direct user input in search criteria. Instead, preprocess inputs by quoting them to prevent unintended wildcard behavior.
  • Step 2: Use == (double equal signs) for exact matches in finds, preventing partial matches that could reveal unintended data.

Snapshot Link Risks

  • Step 1: Be aware that snapshot links can bypass the user interface security, showing sensitive data if passed around. Educate staff to handle them securely.
  • Step 2: Consider disabling snapshot links entirely if not required for your deployment.

#tag8 Security Industry Trends

Keeping up with the latest trends is vital for proactive security management:

Enhanced Encryption

  • AES-256 encryption has become the industry standard. FileMaker supports it, but implementing encryption at multiple levels is advisable, especially for sensitive industries like healthcare or finance.

Cloud vs. On-Premises

  • While cloud solutions are gaining popularity, many organizations still prefer on-premises hosting due to data privacy concerns. FileMaker offers a strong on-premises option, allowing full control over data without third-party involvement.

Two-Factor Authentication (2FA)

  • Although FileMaker doesn’t natively support 2FA, third-party solutions can be integrated to require a second form of verification before granting access.

Application Penetration Testing

  • Penetration testing is becoming more common, even for FileMaker solutions. Regular security assessments can highlight vulnerabilities and ensure compliance with data protection regulations.

#tag9 Best Practices Checklist

File Configuration:

  • Disable the Admin account.
  • Use complex, passphrase-style passwords.
  • Enable file encryption with AES-256.
  • Regularly review privilege sets.

Server Configuration:

  • Remove default sample files.
  • Enable SSL with a custom certificate.
  • Use non-standard ports for communication.
  • Restrict Admin Console access by IP.

User Management:

  • Use external authentication for centralized control.
  • Implement strict role-based access.
  • Enforce minimum password complexity.

Scripting Security:

  • Utilize guard clauses to protect critical scripts.
  • Avoid global variables for security purposes.
  • Encrypt sensitive fields using plugins.

Web Security:

  • Sanitize web form inputs.
  • Use quoted search criteria.
  • Disable unnecessary snapshot links.

#tag10 Conclusion

Implementing a robust security strategy in FileMaker requires a multi-layered approach, from file-level controls to server configurations and secure scripting practices. With the ever-evolving landscape of security threats, it’s crucial to stay informed about the latest developments and adjust your security practices accordingly. By following the guidelines outlined in this post, you can protect your FileMaker data effectively, ensuring it remains safe from unauthorized access while maintaining its flexibility and ease of use.

Feel free to explore future blog posts that will dive deeper into specific FileMaker security concerns, including advanced scripting techniques, field encryption, and case studies on real-world vulnerabilities and their mitigation.

Dimitris Kokoutsidis