3.1 C
Thursday, November 30, 2023
HomeFileMaker Safety Checklist | DB Services

FileMaker Safety Checklist | DB Services

Filemaker security checklist
The FileMaker platform does a great job providing native security features for your organization. While no organization can have too much security, the key is finding a comfort level that best fits your company. I always recommend organizations sit down and really think about one question: What would happen if your data were to be compromised? Once you know the answer you can begin to draft and implement a security policy that is right for your organization.

I offer up my own checklist as a way to guide your security discussions and a reference for protecting your data. Keep in mind most businesses do not implement everything on this list. It is meant as a quick reference to spur discussion and ensure your application is protected.

File Checklist

Enable Encryption At Rest, be sure to document password

Enable File Access Restrictions in Manage Security

Disable automatically opening the file with account credentials

Set the minimum required version in File Options

Use External Authentication when possible

Disable/Remove the default Admin account

Consider hiding your files from being shown when hosted

Enable disconnecting users from server when idle

Disable storing passwords in the Credential Manager

Consider requiring a minimum length password for all users

Consider requiring users to change their passwords

Server Checklist

Remove sample file from FileMaker Server

Disable unused technologies (XML, PHP, WebDirect)

Enable SSL on Server with a custom certificate

Enable HTTPS for Progressive Downloads (requires a custom cert)

Enable client timeout

Disable Installing Plug-ins on Server

Consider changing the default ports from 80 and 443 to non-standard ports

Restrict admin console access by IP Address

General Tips

Keep FileMaker up-to-date with the latest security patches

Block non full access accounts from using FileMaker Pro Advanced

Limit plugin usage with Get( InstalledFMPlugins )

Use guard clauses to ensure scripts run from correct platform

Send credentials via encrypted email using a service like

Watch on Youtube: FileMaker Security : Protect Your Data

Checkout our presentation on FileMaker Security with the FM Academy. Reach out to us when you are ready to implement your FileMaker Security Policy or to take your application to the next level.

Source link

Filemaker Cloud Server
MC Services

explore more