Thursday, Jul 16, 2009

FILEMAKER 10: The FileMaker 10 Status Bar Buttons And Access Settings

From Dwayne Wright - Certified FileMaker 9 Developer
WEB: www.dwaynewright.com
EMAIL: info@dwaynewright.com
TWITTER: dwaynewright

CHAPTER 4: More About Privileges

What happens to status bar buttons, like delete record, if the user does not have access to delete records? Is it grayed out, does it just not work, is there a notification?

I had to manually give this a try because I rarely use the FileMaker 10 status bar and even more rarely work with a database in a mode other than full access. What I found out is that the buttons are grayed out and un-clickable.

Here you can see the status bar while the user is signed in with full access.

Here you can see the status bar while the user is signed in with read only access.

Even more weird, you can customize the status bar in Read Only access. The icons become fully viewable (not gray) and you can add icons to the status bar that you don’t have access to engage. Once you save your toolbar settings, the buttons will gray out again.

More info about the author and FileMaker in general, contact me at info@dwaynewright.com.

© 2009 - Dwayne Wright - dwaynewright.com

The material on this document is offered AS IS. There is NO REPRESENTATION OR WARRANTY, expressed or implied, nor does any other contributor to this document. WARRANTIES OF MERCHANT ABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY DISCLAIMED. Consequential and incidental damages are expressly excluded. FileMaker Pro is the registered trademark of FileMaker Inc.

Friday, Feb 27, 2009

FAQ: Protecting Credit Card Data Information

QUESTION: What is the most straightforward way to remove access within InBizness, for a majority of the users, to clients' credit card data?

ANSWER: The most straightforward way is to remove the field access permissions to the credit card related fields in the Clients module. This is done for each privilege set that corresponds to the business role of a staff member.

First up, open up the privilege set dialog box for one of the privilege sets.

Under the records data access settings, choose the Custom Privileges option.

Next we want to choose the "limited" option for field access for the CLIENT table. This will allow us to target options for fields in the Client module.

From here, we want to remove the access for the privilege set for the credit card fields. In the case of InBizness, these fields have a prefix of cc_.

So when you are done, it should look something like this.

Saturday, Feb 21, 2009

The Field Access Setting Explored

CHAPTER 4: More About Privileges

The Field Access setting is part of the custom record privileges dialog box. Most of the FileMaker security settings are applied to the file, the table, the layout or the record. The field access setting allows you to apply a security setting all the way down to a particular field. Field access settings take precedence over the higher level settings that grant access. So a user can have access to a file, a table and a layout, but you can set things up so that they cannot view or modify data within a particular field. If the user does not have access to the file, table or layout, the field access setting isn’t relevant under those conditions.

Here you can see the custom record privileges dialog box and the setting for field access; currently this is set to none.

Here you can see the custom record privileges dialog box and the options in the Field Access menu: all, limited or none.

Down another level, you can see that you can choose field access to all fields or to none of the fields for a table. The other setting, the limited setting, allows you even more power and flexibility.

Choosing the limited setting brings up this dialog box, where the access for each field can be set to modify the data in the field, only see the data, or no access at all.

Friday, Feb 13, 2009

FILEMAKER: Testing Vulnerability

CHAPTER 6: Security And The Business

FileMaker does not have a feature that can test the vulnerability of a FileMaker solution. There are such tools available in network design that can scan for network holes or places that are vulnerable to attacks. It is a shame because the development of a robust FileMaker solution can be difficult. It is always possible that you missed one of the many steps that make a productive system as secure as it could be.


So the only way to be sure that a solution is safe is to test, test and test it again. The idea is to see if you can get into areas or perform actions you shouldn’t be able to ... while accessing the system under a particular privilege set. Without testing the vulnerability of a FileMaker solution, can you be sure that it is secure?

Now, if you have a nice set of security documentation (including a security policy), you can test for security results much more easily. The idea is to document that this role can do this but shouldn’t be able to do that.


For example, log in with a user role for the shipping department and see if you can change an invoice. Another typical example is to log in with a sales person’s password and see if you can change the cost of a product.

This kind of testing isn’t the most exciting element of FileMaker design but it is an essential aspect of database security protection.
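
A role-by-role test plan like the one described above can be kept as data and checked mechanically. The following is an added example, not code from the original post or from FileMaker; the role names, the table and field names other than the cc_ prefix, and the allow/deny log format are assumptions for illustration, and the observed results are still gathered by signing in under each privilege set by hand.

```python
from fnmatch import fnmatch

# Constructed policy: (role, action, resource pattern, expected outcome).
# Role and resource names are illustrative, not taken from a real solution.
POLICY = [
    ("shipping", "edit", "INVOICE::*", "deny"),
    ("shipping", "view", "INVOICE::*", "allow"),
    ("sales", "edit", "PRODUCT::cost", "deny"),
    ("sales", "view", "CLIENT::cc_*", "deny"),
    ("accounting", "edit", "CLIENT::cc_*", "allow"),
]

# Constructed log of manual tests: what actually happened when a tester
# signed in under each privilege set and attempted the action.
OBSERVED = [
    ("shipping", "edit", "INVOICE::total", "deny"),
    ("shipping", "view", "INVOICE::total", "allow"),
    ("sales", "edit", "PRODUCT::cost", "allow"),  # should have been blocked
    ("sales", "view", "CLIENT::cc_number", "deny"),
]

def matching_rules(role, action, resource):
    """Indexes of policy rules that cover one attempted action."""
    return [i for i, (r, a, pattern, _) in enumerate(POLICY)
            if (r, a) == (role, action) and fnmatch(resource, pattern)]

def expected_for(role, action, resource):
    """Policy outcome for one attempt, or None if the policy is silent."""
    hits = matching_rules(role, action, resource)
    return POLICY[hits[0]][3] if hits else None

def audit(observed):
    """Compare test results with policy; return (findings, untested rules)."""
    findings, covered = [], set()
    for role, action, resource, result in observed:
        want = expected_for(role, action, resource)
        if want is None:
            findings.append(("undocumented", role, action, resource))
        elif want != result:
            kind = "over-privileged" if result == "allow" else "over-restricted"
            findings.append((kind, role, action, resource))
        covered.update(matching_rules(role, action, resource))
    untested = [rule for i, rule in enumerate(POLICY) if i not in covered]
    return findings, untested

if __name__ == "__main__":
    findings, untested = audit(OBSERVED)
    for finding in findings:
        print("FINDING:", *finding)
    for rule in untested:
        print("UNTESTED:", *rule)
```

Rules that were never exercised are reported separately from failures, so a clean run with untested rules is not mistaken for a verified policy.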

Saturday, Jan 31, 2009

FILEMAKER: Losing Information To Competitors

CHAPTER 6: Security And The Business

There may be some difficult choices to be made with regard to securing information that a user needs in order to be productive in their role within the organization. This is one of the primary reasons why security begins with the people. One of the direct concerns from management is that someone will extract critical information and supply it to a direct business competitor. This is normally done by an employee who is unhappy with their employment position with one company and is looking for a better opportunity with a competitor.

I once worked with a company in which this happened all the time. Sales representatives of their competitors would interview and claim they had digital records of all their current customers. In their job interview, they mentioned that they would bring those customers over with them as they made the position switch.

Obviously, the company that I did the project for had me batten down the hatches on their database system. In fact, sales reps would never be able to see companies other than their own, could not print and were limited to list views of 5 records or fewer.

There are at least 4 levels of database information stealing and each has a different threat level. As we have mentioned many times, it is difficult to protect yourself if someone is determined at whatever cost to get this information. However, I think it is worthwhile to discuss some of the different ways information can be obtained. I will use the disgruntled sales rep example as the basis in describing these levels.

STORED MENTALLY
The first and lowest level threat is viewing information that should not be needed or even accessible. The sales rep may be able to see who the key contacts are for valuable clients and record this information manually. This is more of a one-off process and doesn’t lend itself well to batch record stealing. This supports a security layer in which individuals should not see data they do not need to see.

STORED ON PRINT OUTS
The next level is the ability to print information. With the ability to print information, it is easier to obtain data about a batch of records. Now it takes longer to reenter the data in a new system, but it is possible. There is also the ability to print to a PDF, which makes transporting large amounts of data easier, and there are tools out there that can parse a PDF. So it is quite possible you may need to restrict printing access to large collections of data.


EXPORTING DATA
The next level is the ability to export information out of a database. This makes it very easy to batch move a bunch of information in a very small package. Now it is possible that the data that can be exported isn’t as complete as the disgruntled employee would like. However, even incomplete data on a large batch of records is still a very considerable threat.

COPIES OF WHOLE FILES
The final level is directory access to the files, which could be copied from one machine to the next. This is the most dangerous because it involves the copying of both information and structure. The structure may contain password information to more secure files and compromise them also.

IN SUMMARY
So these are things you might want to consider as you are doing a security review of your files and your business workflow. You should keep in mind that every time you ratchet up your security settings, you may be putting in obstacles that limit the productivity of the good employees.