Hosting your FileMaker files in the cloud brings a lot of advantages, but it implies a minimum of security measures.
The following is not an exhaustive checklist of security measures you can take to keep your application secure. It is a set of measures to take before uploading a file to your cloud server.
Other security measures such as encryption, OAuth authentication… are not mandatory to switch to fmcloud.fm. However, they are all supported by our service.
The security dialog (File/Manage/Security)
- [RECOMMENDED] disable [Guest] access.
- [MANDATORY] if you really need to have a Guest access, make sure that it doesn’t have [Full Access]
- [MANDATORY] make sure that all accounts with [Full Access] are password-protected (below FileMaker displays an account with Full Access that is not password-protected in red)
- [RECOMMENDED] Protect all accounts with password protection (accounts with other privilege than [Full Access] not protected by password will not be displayed in red. Select an account to see on the right whether it is password protected or not.
- [MANDATORY] In Extended privileges, make sure that fmapp is enabled for Full Access privilege set, or you won’t be able to modify the file remotely. If you uploaded a file without fmapp extended privilege set, you will have to remove it from the admin console before you can upload a new one.
- [RECOMMENDED] in privilege sets where users are allowed to change their passwords, ensure that the minimum length of passwords is sufficient (at least 8 characters)
- [MANDATORY] in the last tab of the advanced settings, please check the box ‘Require full access privileges to user references to this file’. In files created with FileMaker Pro 18 or later, this checkbox is checked by default.
In the file options (Menu File/File options)
- [RECOMMENDED] disable default account (‘Login using’)
- [MANDATORY] if you absolutely need to define a default account, this account cannot have the [Full Access] privilege.