Claris FileMaker Security Guide: Best Practices for Configuring Security Options
This guide describes the security features available with the FileMaker Platform and the steps you can take as a custom app developer, a server administrator, or an IT professional to apply these security features to your FileMaker custom apps.
Depending on your security compliance and certification requirements, there may be additional steps you need to take. It is your responsibility to fully understand these requirements.
FileMaker Platform security features
The FileMaker Platform features help you control data access, operations, and development within a FileMaker Pro file. Key capabilities include:
Authentication with accounts: The FileMaker Platform encrypts credentials stored within custom apps so the credentials are protected. Users can also authenticate via Active Directory, Open Directory, or OAuth identity providers. For apps hosted by FileMaker Cloud, users authenticate with their Claris ID accounts or with an external identity provider (IdP) account configured for their team.
Access control with privilege sets: You define permissions that determine levels of access to your custom app. You can define as many privilege sets as needed.
Data encryption on the disk and during transmission: You can encrypt the data stored within a custom app. You can also require Secure Socket Layer (SSL) encryption of data between FileMaker Server or FileMaker Cloud and FileMaker Pro, FileMaker Go, FileMaker WebDirect, FileMaker Data API, and ODBC, JDBC, and OData-capable client applications. FileMaker Cloud encrypts the data automatically if it's not already encrypted.
Server monitoring and administration: Admin Console allows you to monitor custom app access, disconnect idle users, and create backups of your custom apps. For apps hosted by FileMaker Cloud, team managers use Claris Customer Console to add users to the team and manage groups of users that can be given access to apps.
The FileMaker Platform employs a unified security model, where the security that you establish for a custom app is in effect across all clients.
Security settings defined within a custom app using FileMaker Pro apply only to the information and schema (layouts, tables, fields, relationships, and scripts) stored in that file.
Security settings configured within FileMaker Server and FileMaker Cloud are deployment specific and apply to all custom apps hosted by the server.
Admin Console refers to Admin Console for FileMaker Server and FileMaker Cloud, unless describing a particular product.
Custom app, solution, database, and file are all terms for what you create and work with using FileMaker products.
For information about FileMaker Cloud, see FileMaker Cloud Help.