Blog

Software tips, techniques, and news.

FileMaker Safety Checklist

The FileMaker platform does a great job providing native security features for your organization. While no organization can have too much security, the key is finding a comfort level that best fits your company. I always recommend organizations sit down and really think about one question: What would happen if your data were to be compromised? Once you know the answer you can begin to draft and implement a security policy that is right for your organization.

I offer up my own checklist as a way to guide your security discussions and a reference for protecting your data. Keep in mind most businesses do not implement everything on this list. It is meant as a quick reference to spur discussion and ensure your application is protected.

File Checklist

☐Enable Encryption At Rest, be sure to document password

☐Enable File Access Restrictions in Manage Security

☐Disable automatically opening the file with account credentials

☐Set the minimum required version in File Options

☐Use External Authentication when possible

☐Disable/Remove the default Admin account

☐Consider hiding your files from being shown when hosted

☐Enable disconnecting users from server when idle

☐Disable storing passwords in the Credential Manager

☐Consider requiring a minimum length password for all users

☐Consider requiring users to change their passwords

Server Checklist

☐Remove sample file from FileMaker Server

☐Disable unused technologies (XML, PHP, WebDirect)

☐Enable SSL on Server with a custom certificate

☐Enable HTTPS for Progressive Downloads (requires a custom cert)

☐Enable client timeout

☐Disable Installing Plug-ins on Server

☐Consider changing the default ports from 80 and 443 to non-standard ports

☐Restrict admin console access by IP Address

General Tips

☐Keep FileMaker up-to-date with the latest security patches

☐Block non full access accounts from using FileMaker Pro Advanced

☐Limit plugin usage with Get( InstalledFMPlugins )

☐Use guard clauses to ensure scripts run from correct platform

☐Send credentials via encrypted email using a service like Virtru.com

youtube-preview

Check out our presentation on FileMaker Security with the FM AcademyReach out to us when you are ready to implement your FileMaker Security Policy or to take your application to the next level.

Did you know we are an authorized reseller for Claris FileMaker Licensing?
Contact us to discuss upgrading your Claris FileMaker software.

Download the FileMaker Security Checklist File

Please complete the form below to download your FREE FileMaker file.

First Name *
Last Name *
Company
Email *
Phone *
FileMaker Experience *
Agree to Terms *
michael westendorf headshot.
Michael Westendorf

Michael is a FileMaker Certified Developer who joins DB Services with nearly a decade of experience as an Information Technology Manager in the printing industry. Originally from San Diego, he moved to Iowa during his teens and earned his Bachelor's Degree in Management Information Systems from Iowa State University.