Before you create even one database with one field, you should have a security plan. Every database developer worries about the security of his or her database system, and a plan will help you put down everything you need to worry about on paper. Interview your users or your client. Make sure you’ve covered all the bases.
Following is a list of topic areas and questions you should answer in your security plan, along with some suggested answers.
In order to minimize risk of data loss through damage or theft, take care to restrict access to the physical hardware and software that store and distribute your database system in the following areas:
The database system will be served from a particular workstation or server. Make sure that this computer cannot be tampered with by unauthorized persons by locking it in a room. You might also consider locking the computer itself down with a chain. Also, consider making the server headless — i.e., it has no monitor so that it can only be securely administered remotely (though remote administration software adds its own security risks). Your database server should log idle users off after a certain amount of time.
Make sure that only authorized persons have network access to the server hosting the databases. No one else should be allowed to log in, via regular network protocols or via remote access software. If they do, they could gain access to your databases. Included in this section are issues of setting up a firewall to keep intruders out, making sure that “packet sniffers” can’t grab FileMaker data out of the ether on its way back and forth from server to client (and vice versa), and making sure that there are no insecure access points to your network (unused offices in your building with live Ethernet cables coming out of the wall).
For every workstation that can access the database, make sure that proper security is in place to prevent unwanted access to the database. This includes requiring users to log on to a workstation before allowing them to do anything on it, and timing out a user after five to ten minutes of activity to minimize the risk of someone coming to someone else’s workstation and accessing the database.
Make sure that there are no always-on Internet connections to the database’s server (or to PCs that can access the server) without first making sure that those connections are properly secured behind firewall hardware or software and usage logs.
Database System Security
Determine who can access the database system and how much access any given type of user has in the system.
All databases should have passwords associated with them. Users should be required to enter a password and user name to access the database system.
Should only one person have rights to create new user accounts? Who should be allowed to see financial or employee records? Who should be allowed to delete records? Export records? Print certain reports? Who should be able to press the “Underprice Our Competitors” button?
If necessary, you should design the system such that any change to any field in any record in any database is logged. By reviewing the log, you should be able to see what the original value was, what the new value is, where the change was made (what database or field), when (date and time), by whom (which user), and perhaps in what environment (platform, version of FileMaker, on what layout, and so on).
Come up with a regular, scheduled backup scheme so that you always have other copies of the database to fall back on should the main system fail.
On a semi-regular basis, depending on your work environment, you should review your security plan and, in light of any recent developments within your organization, change the security features of your database system.
Come up with a step-by-step protocol to use in case of various emergencies (crash, disgruntled employee, corrupted database, tsunami, and so on).
Write down a list of any known risks and try to come up with ways to eliminate or mitigate them so that they don’t become emergencies or security breaches.
Carefully train any user who will access the database system to properly access it and know all of its security features as well as the general security policies of your organization, like how to create passwords or how to log on and off of the network safely.
FileMaker Pro Security
In a few moments, we’ll examine all of the features built-in to the FileMaker Pro application, which you can use when building databases. But, before building anything, you should ask yourself:
Knowing all of this will help you organize the proper mélange of FileMaker security features so nothing nefarious happens to your database system. You’ll learn about all of these built-in features shortly.
In addition to FileMaker’s built-in security, you may choose to add additional security to your databases in the form of additional software, such as the SecureFM, Troi Coding, or DialogMagic Plug-ins. Also, you may choose to administer passwords for your solutions using a tool like New Millennium’s Password Administrator suite (a great little tool). You’ll learn the ins and outs of these add-ons later, but as you write your security plan, you should consider these additional pieces of software and see if there’s something that you simply have to have.
File Maker Related Interview Questions
|Management Information systems Interview Questions||Software Engineering Interview Questions|
|File net Interview Questions||Data analyst Interview Questions|
|Hadoop Distributed File System (HDFS) Interview Questions||Linux File Systems Interview Questions|
|Excel Data Analysis Interview Questions||Asp Dot Net Database Interview Questions|
All rights reserved © 2020 Wisdom IT Services India Pvt. Ltd
Wisdomjobs.com is one of the best job search sites in India.