Planning security for a shared file

Overview

Claris Pro

When a user first starts a Claris client, they must sign in with their Claris ID account. A new Claris Pro file is always protected by the creator's Claris ID account. Whenever the creator opens the file, the Claris client automatically signs in with the creator's Claris ID account. Because the creator's account is assigned the Full Access privilege set, the creator can access and change everything in the file.

You can use accounts and privilege sets to secure the file. How you secure a file depends largely on whether you share the file with others or not:

  • To keep someone else from opening a file on your computer, you can encrypt the file. See Encrypting and decrypting database files.

  • To share a file with others and provide varying levels of file access to different users, follow the steps below to plan the security you need for the shared file.

FileMaker Pro

A new FileMaker Pro file created locally by FileMaker Pro is initially unprotected. Whenever the file opens, it automatically logs in the user with the Admin account, which is assigned the Full Access privilege set. This permits the user to access and change everything in the file.

A new FileMaker Pro file created in FileMaker Cloud is protected with the Claris ID or external identity provider (IdP) account of the team manager who created the file. This account is assigned the Full Access privilege set.

You can use accounts and privilege sets to secure the file. How you secure a file depends largely on whether you share the file with others or not:

  • To keep someone else from opening a file on your computer, you can password-protect the file. See Password-protecting a local file (FileMaker Pro only).

  • To share a file with others and provide varying levels of file access to different users, follow the steps below to plan the security you need for the shared file.

See FileMaker Security Guide.

To plan the security for a shared file:

  1. Determine the privilege sets that you need for the file.

    Make a list of the areas of the file that you want to protect, such as particular tables, fields, records, layouts, value lists, and scripts. Plan the number of privilege sets you need to enforce the varying levels of file access that you require.

    Note  Each file contains three predefined privilege sets, which may meet some or all of your needs. See Using the predefined privilege sets.

  2. Claris Pro only: Determine which users to grant access to.

    Only individual users are supported for Claris ID accounts in Claris Pro. See Editing Claris ID account access (Claris Pro only).

  3. FileMaker Pro only: Determine whether to grant access to users individually, to groups of users, or to both.

    Individual users are supported for accounts that authenticate via FileMaker file, Claris ID or an external IdP, or Apple ID or OAuth identity providers. However, to use groups, users and the groups they're in must be defined outside the file by a supported identity provider or authentication server. Groups are supported for accounts that authenticate via:

  4. Decide whether you want to allow unspecified users to open the file.

  5. Create the privilege sets that you need in the file.

    See Creating and editing privilege sets.

  6. Determine whether to enable any extended privileges for certain privilege sets.

    If you want certain privilege sets to be able to access a file in certain ways—for example, to open a shared file over a network with a FileMaker client application or access the file from a web browser via FileMaker WebDirect—you must enable extended privileges for certain privilege sets. Don't enable extended privileges unless they're needed.

  7. Grant account access in the file to users or groups, and assign the appropriate privilege set to each.

    If you're using the Default account (Claris Pro) or Guest account (FileMaker Pro), assign a privilege set to it as well. Otherwise, disable the account. See Creating and editing account access.

  8. Test each privilege set to make sure it restricts file access the way you want.

    Open the file using different accounts and test each privilege set that you created. Make sure the restrictions work the way you want, and make any needed corrections to your privilege sets.

  9. Optionally limit other files from accessing the schema of your files.

    You can additionally protect a file by requiring authorization of any file that attempts to access its tables, layouts, value lists, and scripts. See Authorizing access to files.

Additional security tips

Though accounts and privilege sets provide good database protection, they are not a 100% secure solution. You should take other reasonable measures to protect access to your files and information, and not rely solely on FileMaker Pro access privileges. For example:

  • If you host FileMaker Pro files on a computer that is shared over a network, use operating system level security settings and passwords to restrict folder and file access to authorized personnel only.

  • To protect files while they are being stored on disk, encrypt them. See Encrypting and decrypting database files.

  • Set the screen saver feature of your operating system to require a password in order to wake up the computer from the screen saver.

  • Protect the physical security of the computers, hard drives, and backup storage media where the files reside.