Tutorials and Online Training Videos

FileMaker Security Tutorial

Security is directed at preserving the Confidentiality, Integrity, and Availability of digital assets and at protecting developer intellectual property. In a time when databases are regularly subjected to a variety of threats ranging from the malicious to the inadvertent, FileMaker developers, IT managers, and database administrators must take steps to protect digital assets. FileMaker Pro and FileMaker Server contemplate a system of role-based security coupled with industry standard Identity and Access Management controls. This series of movies examines many aspects of FileMaker security: how to construct it, how to manage it, how to deploy it, and how to avoid common, but costly, security errors. To begin learning today simply click the movie links.

Introduction and Overview

What Will be Covered
Why it Will be Covered
How Information is Organized

Why Security is Important

Confidentiality / Integrity and Availability of Data
Intellectual Property Protection
Risk and Threat Analysis - The Process pt. 1
Risk and Threat Analysis - The Process pt. 2
Risk and Threat Analysis - The Results
Risk and Threat Analysis - Applying the Lessons Learned
Criminal Threats

Introduction to FileMaker Security

Privilege Sets
Extended Privileges
Accounts in IWP
UI Integration
Security of Backups

Identity and Access Management

Account Authentication
IWP Account Authentication
Passwords and Passphrases

Privilege Set Design

Role Based Security
Rule of Least Privilege
Core Privilege Bits
Granularity Explained
Granularity Tables
Granularity Value Lists
Granularity Scripts
Granularity Custom Functions
Custom Privileges
Custom Extended Privileges
CounterIntuitive Settings
Record Level Access pt. 1
Record Level Access pt. 2

FileMaker Server Integration

Database Visibility
Web Based IWP Database Visibility
CWP and Related Issues
Encryption-Data in Transit
External Server Authentication pt. 1
External Server Authentication pt. 2
Protecting Your Server

Intermediate Level Security Issues

What Do We Do Now - Real World Security Deployment
Custom Menus - Intro
Custom Menus - Creating and Installing
Custom Menus - Unexpected Results at Privilege Intersections
How to Address Custom Menus
Intro to UI Mgmt With PlugIns
Unexpected Privileges Remaining Issue
Export Field Contents Issue
Editing Value Lists Bit Conflict
Create and Edit Intersection
The Evaluate Function
Ersatz Log Ons
Ersatz Log Ons Concept
Ersatz Log Ons Vulnerabilities
File References
File References Triggering Scripts
File References Printing
IWP Implict vs. Explicit Guest Access
IWP Website LogOn Management pt. 1
IWP Website LogOn Management pt. 2
Run Script with Full Access Privileges

Advanced Level Security Issues

OS Level Hardening pt. 1
OS Level Hardening pt. 2
Multi-Factor Authentication
UI Integrity
UI is Not a Security Feature
Audit Trails
Server Physical Integrity
Layout Access Exposes Features
Scripts and Their Context pt. 1
Scripts and Their Context pt. 2
PlugIns that Assist
Script Variables and Vulnerabilities
Encryption-Data At Rest and Backups pt. 1
Encryption-Data At Rest and Backups pt. 2
Architectural and Analytical Issues
Defense in Depth
Authentication Order FMServer
Opening Scripts
Web Viewer (8.5 only)

Summary and Conclusions

Summary pt. 1
Summary pt. 2
About Steven H. Blackwell

Related Books on FileMaker Security

Save $80 on the
by Motorola with Verizon Wireless service for less than from Verizon Wireless directly.
Save $80 on DROID BIONIC
More Cell Phone Discounts