How Not to Worry About Security in FileMaker

Tim Neudecker, FileMaker DevCon 2019

Session Overview
Why Security Matters
FileMaker Security Tools

• External Authentication
• Passwords and Best Practices
• Privilege Sets
• File Access Control
• Secure Socket Layer (SSL)
• VPN: Safeguarding Remote Access
• Physical Security
• Encryption at Rest (EAR)
  How to Defend Against Rogue FileMaker Access
• Demo of Breaching Weak File Access
• How to Prevent Breaches
  Password Management: NIST Guidelines
• New Standards for Strong Passwords
  The Importance of Backups
• Testing Your Backups
  Conclusion: Security Should Never Be an Afterthought

Session Overview

Tim Neudecker’s session at FileMaker DevCon 2019, titled “How Not to Worry About Security”, emphasized the importance of integrating security into FileMaker applications from the ground up. Security, often considered an afterthought in many development processes, should be the first concern, given the vast array of threats and vulnerabilities in today’s digital landscape.

Neudecker demonstrated how simple it is to secure FileMaker apps using the platform’s built-in tools. This blog post provides an in-depth breakdown of his session, including examples of poor security practices, ways to breach insecure FileMaker apps, and the steps you can take to avoid these pitfalls.

Why Security Matters

Tim Neudecker emphasized that security isn’t just about keeping hackers out, but also about ensuring data integrity and reliable access to your system. If you don’t prioritize security, users won’t trust your application, especially if they encounter bad data or network issues. In the context of FileMaker, it’s crucial to protect both the data and the application code.

Security must also ensure proper data validation. When bad data slips into the system, it undermines user confidence and can lead to significant issues later on. Additionally, a reliable server and network setup ensure that no data is lost due to connectivity issues or server failures.

FileMaker Security Tools

Neudecker walked the audience through six key tools that FileMaker provides for securing applications. Using these tools is essential for building robust, secure systems:

External Authentication

FileMaker integrates smoothly with corporate authentication systems like OAuth, Microsoft 365, Google, and Amazon, allowing IT departments to manage passwords and user access from a single point.

This means:

• You don’t have to reset passwords manually when employees forget them.
• When someone leaves the company, IT can simply disable their account, and they’ll lose access to the FileMaker app.

Neudecker emphasized that multi-factor authentication (MFA) adds another critical layer of security, where users need a second authentication factor (such as a fingerprint or a token) in addition to their password. This helps ensure that even if passwords are compromised, access to the system remains secure.

Implementation Steps for External Authentication:

1. Tie FileMaker to your organization’s existing authentication system.
2. Enable OAuth for Amazon, Google, or Microsoft 365 accounts for seamless integration.
3. Set up multi-factor authentication for enhanced security.

Passwords and Best Practices

Password policies should focus on length rather than complexity. While older guidelines from NIST recommended complex combinations of characters, Neudecker pointed out that the current best practice is to require longer passwords, which are much harder to crack.

Key Tips:

• Use passwords with at least 12 characters.
• Do not reuse passwords across multiple sites.
• Develop an algorithmic approach to creating unique passwords for different systems (e.g., using a phrase combined with characters from the system name).

Neudecker noted that short, complex passwords often lead users to write them down or reuse them, both of which are security risks.

Examples of Password Creation Algorithms:

For example, to create a unique password for a banking app like Chase, you might take the phrase “ScoobyDooWantsATreat” and mix it with the first and last characters of the service, resulting in: SCScoobyCooWantsCTreatE.

Privilege Sets

Privilege Sets are a core feature in FileMaker for managing access to records, layouts, and scripts. Neudecker recommended using whitelisting, which allows you to explicitly specify what users can do, rather than blacklisting, which blocks only certain actions.

Best Practices for Privilege Sets:

• Use extended privileges to assign access to groups rather than hardcoding permissions.
• Regularly audit and update privileges to ensure they match the user’s role.

Extended privileges, such as allowing access to accounting reports, make it easier to manage permissions without modifying individual scripts. By checking whether a user has a specific privilege, you can control their access dynamically.

How to Set Up Privilege Sets:

1. Navigate to Manage Security.
2. Define extended privileges like “accounting reports.”
3. Check scripts against the extended privileges to determine if a user can run them.

File Access Control

Introduced in FileMaker 18, File Access Control ensures that only authorized files can access your data. This simple feature prevents rogue FileMaker files from accessing sensitive information by requiring that files be explicitly authorized.

Steps to Activate File Access Control:

1. Go to File > Manage Security.
2. Enable File Access Control.
3. Make sure only trusted files are authorized to access your data.

Once activated, File Access Control locks out unauthorized files and prevents them from linking to your data, adding a significant layer of protection.

Secure Socket Layer (SSL)

SSL encrypts the communication between clients and the FileMaker server, ensuring that data sent over networks, especially public Wi-Fi, cannot be intercepted. Neudecker noted that SSL certificates authenticate the server to ensure clients are connecting to the right system.

How to Implement SSL:

1. Purchase an SSL certificate from a trusted authority.
2. Install the certificate on your FileMaker Server.
3. Test the connection to ensure that users see the trusted green padlock icon.

SSL encryption is crucial in any environment where data is transmitted over the internet or public networks. Even if your server is internal, SSL ensures that data is safe from prying eyes.

VPN: Safeguarding Remote Access

Using a VPN (Virtual Private Network) adds an additional layer of encryption for users connecting to FileMaker from remote locations. This is especially important in environments like conferences, where Wi-Fi security may be weak.

Neudecker recommended NordVPN or dedicated VPN hardware like AnaBox to secure your connection when working outside the office.

VPN Setup Tips:

1. Set up a VPN on your FileMaker server or office network.
2. Ensure that all remote users connect through the VPN before accessing sensitive data.
3. Consider using VPN devices like AnaBox to protect your whole family or team when traveling.

Physical Security

Physical access to your FileMaker server is just as critical as virtual access. Neudecker illustrated how easily a rogue actor with physical access could use devices like the USB Rubber Ducky to extract data or inject harmful code.

Security Tips for Physical Access:

• Lock servers in secure, restricted areas.
• Restrict access to USB ports and other physical connections.
• Use devices like RSA tokens or YubiKeys for multi-factor authentication at the hardware level.

How to Defend Against Rogue FileMaker Access

In one of the most impactful parts of his session, Neudecker demonstrated how easily an attacker with minimal access could breach a FileMaker app by creating rogue relationships between files. He explained how this can expose hidden fields, such as super-secret fields or salary fields, that were meant to be protected.

Demo of Breaching Weak File Access

Using a rogue file, Neudecker showed how he could:

• Bypass layout restrictions by creating custom layouts.
• Access and modify fields not visible to the user.
• Run scripts that the user should not have access to, including deleting records.

By demonstrating these weaknesses, Neudecker stressed the importance of properly securing privilege sets and restricting access to sensitive fields and scripts.

How to Prevent Breaches

To prevent these kinds of breaches, developers should:

1. Lock down privilege sets properly for both fields and scripts.
2. Enable File Access Control to prevent unauthorized file linking.
3. Test your FileMaker system regularly to find and fix weak points.

Password Management: NIST Guidelines

Neudecker highlighted the NIST’s updated guidelines for password management, debunking old myths about password complexity and recommending length as the most critical factor in password strength. He recommended using phrases for passwords, and a formula for creating unique passwords across different sites.

New Standards for Strong Passwords

• Focus on length (at least 12 characters).
• Avoid reusing passwords across multiple sites.
• Use a password manager to track different passwords securely.

The Importance of Backups

No security system is complete without backups. Neudecker explained that backups are not only about protecting against data loss due to hardware failure but also essential for protecting against human error. A regular backup schedule ensures you can always recover from accidental deletions or unauthorized changes.

Testing Your Backups

Even more important than making backups is testing them. Neudecker shared stories of companies that thought they were backing up their data, only to discover that their backups were corrupted or incomplete. Regularly test your backup system by restoring files and verifying data integrity.

Conclusion: Security Should Never Be an Afterthought

Neudecker wrapped up his session by emphasizing that security should never be an afterthought. With just a few clicks, developers can significantly harden their FileMaker applications and protect both their users and data.

In Summary:

1. Implement privilege sets to control user access.
2. Use external authentication and multi-factor authentication.
3. Require long passwords to enhance security.
4. Activate File Access Control to prevent rogue file access.
5. Always use SSL for secure connections.
6. Make sure you have off-site backups and test them regularly.
7. Use VPNs to secure connections over public networks.
8. Protect servers from physical access and use encryption at rest to safeguard data.

With these best practices in place, you can confidently develop secure FileMaker applications that protect both your business and your users from potential threats.

https://community.claris.com/en/s/article/SHA03-2019