Secure the machine running the FileMaker Server
Though accounts and privilege sets provide good database protection, they do not provide a completely secure custom app. If you're using FileMaker Server, you must protect access to your files and information, and not rely solely on FileMaker Pro access privileges. For example:
-
Protect the physical security of the computers, hard drives, and backup storage media where the database files reside. For example, place the computer running FileMaker Server in a locked room.
-
Use the most recent operating system versions certified by Claris International Inc.
-
If you host FileMaker Pro databases on a computer that is shared over a network, use operating system security settings and passwords to restrict folder and file access to authorized personnel.
-
Set the screen saver feature of your operating system to require a password in order to wake up the computer.
-
Never run other network services, such as an email server, on the same machine as FileMaker Server.
-
Verify that all other network services support only the highest level of security possible—for example, the most recent TLS protocol. These network services should disable support for insecure protocols—for example, SSLv2 and SSLv3.