FileMaker Security – 3 Key Considerations


Is FileMaker Good with Security?

A common consideration to make when using a tool for processing your business data is how well it can handle the security aspect of the whole process. Can you make sure that nothing will leak outside of the organization, or that nobody can potentially break in without proper authorization? Some apps are harmless enough that they don’t warrant too much attention to their security. But when you’re dealing with something that manages sensitive data, or a large volume of your business information, you should definitely rely on a platform with proven security practices.

FileMaker is commonly used to create various business applications for inputting and processing data, and it’s one of the most useful tools on this market. However, its large user base has also drawn a lot of negative attention from hackers and other malicious users seeking to exploit potential holes in FileMaker systems. This makes it important to familiarize oneself with the security state of the tool and the platforms surrounding it before committing to its usage.

The truth is that FileMaker is actually remarkably good at keeping your data where it should be and in an uncompromised state. But because it’s so flexible and allows users to configure so many of its parameters, sometimes this security doesn’t quite work that well, and you need to be more careful with how you’re setting things up.

Always rely on safe user practices

There are some common safety practices when working with a user-facing application that provides individual accounts. Take a look at how the default guest account works, and disable it if it’s not relevant to your current app. Make sure that you have a password on the admin account. After that, each user should be assigned their own account configured for their own position’s needs, and everyone should be required to use a safe password.

Configuring the database privileges correctly is important too, and you must make sure that nobody can access tables that they don’t need in their work. Additionally, nobody should have higher-level access to a table than their work currently requires them to, e.g. not everybody should be allowed to write to a table by default if it’s only meant for data processing and aggregation.

Isolate critical functionality

FileMaker allows you to separate a lot of functionality from the “front face” of the application, and execute it in an isolated manner. In other words, instead of having the user request a certain set of data, you can have the database do that as a function that the user simply has to execute. This can not only keep things secure by ensuring that users have to do a minimal amount of additional typing and therefore won’t poke around where they shouldn’t, but it can also make the database slightly more user friendly by not requiring that much in-depth knowledge about FileMaker’s operation.

Of course, the latter is not necessarily always a good thing as it can sometimes lead to users being too confident about what they’re doing, and messing something up.

If you’re not sure, rely on a professional host

With so many options for FileMaker hosting on the current market, you shouldn’t give yourself any extra headache if you’re not sure about how to configure your applications for security, and rely on a professional company for that part. They will handle all the stressful parts of hosting your applications, and you’ll just have to come up with good applications for your users to use in the first place. And that, in most cases, comes down to having a good developer to work with.

Plus, when working with a professional hosting company, you’ll also have the reassurance that any security issues are handled by them as soon as they arise, and that they are not your responsibility. This includes updates to server software and other procedures which can often be quite annoying to the regular users. Of course, following appropriate security practices with your own applications, and ensuring that you know what’s going on with each of them, is always a good idea and you should not relax your efforts on own side of the deal. You’ll find that there is still plenty you can do yourself to make sure that your applications stay safe and secure.

Leave a Reply