FileMaker tips, techniques, and news.

By Michael Westendorf  Posted on  May 9th, 2017  in  FileMaker

FileMaker 16 Security Features

FileMaker is always improving the FileMaker platform and moving to yearly release cycles has only made it better. The security updates in the latest revision are no exception. The premier security features are field-level encryption, and the ability to authenticate with third party identity servers including Amazon, Google, and Microsoft Azure AD using oAuth.

Field Level Encryption

The ability to encrypt data at the field level using new FileMaker functions will directly impact the security of future systems. The BaseElements FileMaker plugin was our go-to way to perform field-level encryption of sensitive information such as credit card info and protected health information (PHI), but moving forward this can be handled directly by FileMaker natively. The new functions at your disposal include:

  • CryptEncrypt – Encrypts data with the specified key and returns container data.
  • CryptEncryptBase64 – Encrypts data with the specified key and returns text in Base64 format.
  • CryptDecrypt – Decrypts container data with the specified key and returns text or container data.
  • CryptDecryptBase64 – Decrypts Base64-encoded text with the specified key and returns text or container data.

With these new function encrypting data is a simple function call away. The CryptEncryptBase64 function can be used to secure your data within a text field. It requires two parameters: the data to be encrypted and a secret key. The data is then returned in a secure Base64 format. Be sure to keep your secret key in a safe place. With the key anyone can use the companion function CryptDecryptBase64 to retrieve your sensitive data.

New FileMaker Authentication Methods

Filemaker OAuth ChoicesFileMaker uses industry standard OAuth 2.0 for communicating with your identity authentication provider of choice. This will allow FileMaker applications to validate user identities with a third party service. This is a great new feature for administrators using Google Apps, Amazon, or Microsoft Azure. Gone are the days of managing two user directories.

This is done in two steps. First configure your FileMaker Server to authenticate with your provider of choice. Next open your FileMaker Pro Application and define an account to use your authentication provider. From now on you will be able to use the third party provider to login just like any other externally authenticated server.

FileMaker Pro / Pro Advanced 16 Features

FileMaker Pro Security Credential

One thing you will notice throughout the application is that security has become much more prominent. In every screen you will see the security lock indicator. In the login window it will also display the name of the server you are connected with. This is a nice change and will give users peace of mind that their server and connection is secure. As expected clicking the lock will provide information about the connection and certificate being used.

Two new extended privileges have been added in this release. First "fmurlscript" allows you to completely disable fmp URLs from accessing your application. This technique has become very popular over the years, but it is nice to know as developers we have the ability to turn it off. Much like they did in the last release to further put security customization in the users hands.

The other new extended privilege goes hand-in-hand with another great new feature: the FileMaker Data API. The extended privilege set is simply called fmrest. Just like the fmphp and fmxml we recommend disabling until you need to use.

Conclusion

FileMaker's continued improvement in the security realm is alway a welcome change. I know this developer will be pushing more clients to use FileMaker 16's new security features, including native data encryption, extended privileges, and third party OAuth authentication.

Did you know we are an authorized reseller for FileMaker Licensing?
Contact us to discuss upgrading your FileMaker software.

Michael Westendorf thumbnail
Michael Westendorf

Michael is a FileMaker Certified Developer who joins DB Services with nearly a decade of experience as an Information Technology Manager in the printing industry. Originally from San Diego, he moved to Iowa during his teens and earned his Bachelor's Degree in Management Information Systems from Iowa State University.

FileMaker 18 Certified Developer
FileMaker 17 Certified Developer
FileMaker 16 Certified Developer
FileMaker 15 Certified Developer
FileMaker 14 Certified Developer
FileMaker 13 Certified Developer
FileMaker 12 Certified Developer
FileMaker 11 Certified Developer
"We were actually able to add more features than we thought would be possible within our budget. We always experienced a ‘can do’ attitude and DB Services was incredibly patient and easy to work with."
Courtney Hartman
Art Director
"The new FileMaker custom website interface is very user-friendly and easy to follow for our clients. In addition, it is much faster than the old Instant Web Publishing (IWP) interface. Thank you and all the others who have helped us out at DB Services. I am very grateful for the excellent service you provide us. Its nice to know we can call you for help if we have an issue."
Wayne Capek
President
"We needed a solution that would simplify the administration of our responsibilities under our contract with the State of Indiana. We have seen a dramatic increase across the state in the number of potential foster and adoptive parents that have begun the preparation and training process. This increase has resulted in a significant opportunity for children available for adoption. That’s a big win for everyone! And it’s all because we can refer potential parents to the proper state contacts efficiently and quickly."
Chris Morrison
Executive Director
"Thank you for all of your expertise and valuable help. I am so grateful to have found DB Services."
Linda Findlay
Owner
"Thank you for our new database system. We transitioned from a carbon copy paper based system to a digital database. The software has saved us time and money. We used to archive all our jobs in cabinets, now we can look up a job in seconds from anywhere. The software allows us to easily email estimates to our customers in pdf format. In a year there was a return on investment just from eliminating the purchasing of our carbon forms."
Todd Cartmel
Owner
"The new system allows us to create and track jobs for customers along with inventory, something we had been doing with separate word and spreadsheet files. Because it’s now so intuitive, new staff members are able to begin using the database immediately without our usual training session and ‘cheat sheets’ for getting around within the file."
Tom Andrews
President