FileMaker has done it again. They are constantly improving the security features of the FileMaker platform to better serve its users. Now that FileMaker 15 has arrived, let's review those changes.
Watch on Youtube: FileMaker 15 Security Features
Pro / Pro Advanced 15 Features
First, a new warning will appear whenever a connection is made to a hosted file and the connection cannot be validated. This mainly applies to deployments of Server that are using the self-signed certificate when SSL is first enabled. FileMaker has always been clear with their message: the self-signed certificate is for testing and development only. If you don't wish to see this notification and need SSL enabled a signed certificate is the best way to remove it. Servers that have a regular (custom) certificate or have SSL disabled will never display this message. Keep reading to see how FileMaker Server 15 has improved this process.
One alternative is to check the "Always permit connection to this host". This will then add the server as a permitted host in your FileMaker Preferences.
The Data Viewer has been updated; in the past users with FileMaker Pro Advanced could gain access to any information in your application. No more! Now a full access account is required to use this feature. Certainly, a welcome change that matches the Script Debugger and Current tab of the data viewer itself.
Gathering passwords from users is now even easier. A new control style, the "concealed edit box", has been added to mask any sensitive data. FileMaker now provides a sleek way to protect sensitive information entered by a user.
Just like its desktop counterpart, FileMaker Go will warn you when trying to connect to servers/files that are not secure.
The Always Permit Connection is a welcome feature. Users will likely be familiar with this concept from browsing websites. Just like on Pro users can manage their list of permitted hosts directly within FM Go.
With FileMaker Server 15 you can now create your certificate signing request, serverRequest.pem and serverKey.pem files directly from the admin console. Previous versions required this to be done from the command line or terminal. This file is then used with your certificate authority to generate the certificate. Just be sure to follow the process outlined with your certificate authority. As a bonus, we can now also view the certificate once it has been properly installed.
FileMaker Server now has the option to require password-protected databases. A database that has a Guest account using the Full Access privilege set, a Full Access account with an empty password, or a Full Access account with the password stored in the database using the File Options dialog box "Log in Using" option is insecure and will not be opened.
Keep In Mind
Extended Privileges – To prevent Applescript or ActiveX from performing FileMaker scripts, use the new fmscriptdisabled extended privilege.
FMS SSL Certificate – You will still need to use the command line/terminal to delete a custom certificate.
FileMaker Go – You can now log in to your application using Touch ID.
With all the focus on protecting data these days, it is nice to see FileMaker's continued improvement in the security realm. I know this developer will be pushing more clients to use FileMaker 15's new security features, including custom SSL certificates, ensuring a smooth deployment. Contact DB Services at any time if you have questions or needs with FileMaker.
Did you know we are an authorized reseller for Claris FileMaker Licensing?
Contact us to discuss upgrading your Claris FileMaker software.