Protecting Customer Data – Solutions For A FileMaker Developer

In the process of creating solutions for their clients, FileMaker developers often find it easier to put the client’s database(s) on their own desktops, notebooks or servers rather than connecting to a remote computer. A lot of clients I deal with don’t pay too much attention to security, and it’s our job as developers to keep their data secure, whether it’s in the database or we’re talking about the database itself, especially during development. My take on this is very simple: if others mean harm, no security measures will keep them away from attaining their goal. However, as a technology specialist, it’s my duty to take measures to keep customer data safe. In this article, I am concentrating on three topics:

  1. Securing your computer
  2. Securing your FileMaker data
  3. Secure backups

The purpose of this article is not to cover anything and everything under the sun, but to remind you of best practices and give you some ideas about how to approach things. Also, I use a Mac, so if any of these things don’t work on Windows or if you’d need to do things differently, feel free to comment.

Securing Your Computer

  1. Assign a Password. While your sister’s computer may not need a password to log in with, as a developer I highly recommend you disable automatic login and give yourself a nice, at least 12 character-long, secure password. Secure means that you do not use the same password everywhere. If you need a tool to help you manage and keep passwords and even generate secure passwords for you, 1Password is the best I’ve seen.
  2. Eikon Fingerprint reader. If you need stronger security than a password for your notebook, I highly recommend the UPEK Eikon to Go Digital Privacy Manager for Mac. It’s a portable security device that fits on your keychain and can be with you wherever you go.
  3. Securing your passwords. Whether you are logging into a web site to pay your taxes or logging in to manage your email preferences from a newspaper, it is important to have secure password. In this age of increasing identity theft, this is getting to be more and more important. Below are a couple of tips on achieving this:
    1. Choose passwords that don’t contain personal information but are easily remembered. How do I know if my password is secure? If you have at least 12 characters and at least one number and a special character and your password does not read a full word in English, you’re onto a good start. There is a lot of literature on choosing passwords out there; here’s a good one from Microsoft.
    2. Don’t reuse your passwords. Make sure the websites for your bank accounts and credit cards have different login information. Don’t make it easy for people to gain access to one password and take everything from you.
    3. Use 1Password (or a similar utility) that is available for both Mac and Windows, iPhone/iPad and now Android, as well. Take your information with you securely, so you don’t have to remember all this useless information; instead, look them up when you need them. 1Password can also generate and store secure random passwords for you. Its keychain file can be synced to multiple machines (and the Android app) via Dropbox, so you can maintain your info on one device and it’ll be available to you on all of your devices (where applicable).
    4. Change your passwords every couple of months. Don’t be lazy about it. If someone gets hold of your information, it takes longer to get your money back from a bank than to change and store your password.

Securing your FileMaker Data

  1. Have a server (hosted or local). Have your files not be accessible to anyone locally but the FileMaker developers. This means not having the files on your File Server and NOT sharing the files with File Sharing. This can cause serious corruption in your database if a hosted file is opened locally and renders your file unusable.
  2. Convince your clients (yourself) to use privilege sets/accounts and passwords to manage the data in their FileMaker databases. People might not think it’s important but prevention is the best security measure. Give people access to what they need, no more and no less, to reduce human error.
  3. Make sure all of your FileMaker databases have passwords. This is especially important if you use the Data Separation Model. If you leave your data file unprotected, why bother putting a password on your interface file?
  4. Try to make sure users cannot set up an external file to have access to all your data in your main file. FileMaker Pro/Advanced 11 really helps with this. Previous versions allowed you to create references to your file. FileMaker 11 gives you an option to prohibit access with older versions of FileMaker and to require full access when creating references to your file. If security is important in your environment, it’s worth upgrading just for this.

Securing your FileMaker Backups

Backup, backup, backup. One can never emphasize this enough. Decide based on your server how often it can handle backups without causing serious hiccups in your environment. Let me give you an example. I used to have a FileMaker Server on an older XServe in an office environment. We did backups every hour and the databases paused for minutes, every hour on the hour so the backup can be performed. It was painful for 40 employees. I purchased a new XServe, moved the files to a RAID, and when the backup schedule ran every 30 minutes, nobody even noticed it. You can find a lot of literature on how to do backups. I suggest that you backup hourly, daily and weekly. Then move some of those backups offsite. One of the offsite solutions is Amazon AWS, but there are others. I use Amazon AWS in conjunction with 30Works’ SafetyNet. All my clients’ files that are stored on my server for development are backed up every night, so I can sleep well. The service is cheap and setup is a breeze. If anything happens, all you have to do is install SafetyNet on a different machine (anywhere in the world) and you can get back to work in minutes.

  1. Test your backups. It’s not enough to just have them sit somewhere. Open them up on occasion and test them to make sure there is no visible corruption. Don’t wait until something happens and then you realize your backups from the last 3 months are corrupt.
  2. Create clones on a regular basis of your healthy files. Same reason as above.

 

Agnes Riley presented the FOCUS Framework to the NY FileMaker Developers’ Group

On June 10, 2010 Agnes Riley of ZeroBlue presented the FOCUS framework to the NY FileMaker Developers’ Group. The demonstration included the main features of the free FOCUS framework, from how to quickly create tables and layouts and how privileges allow/disallow navigation. Participants also learned how you can modify the framework with your own design: theme and icon set. For ZeroBlue development starts with the FOCUS framework. It enables the developers to get a project off the ground in significantly less time than if created from scratch. The framework also comes with a large number of invaluable custom functions such as Geoff Coffee’s function for passing variables and several other ones by Will Baker. The modified version includes custom search and QuickFind capabilities. While this version of the framework was created for FileMaker 10, it works just as well for FileMaker 11.

The framework was developed by Vincenzo Menanno and Will Baker of Beezwax and can be customized to each customer’s needs.

To learn more about how your database can be created by using the streamlined FOCUS framework to cut down on development time, please contact us.

 

 

Adding shortcuts to FileMaker on Mac OS X

I have a seen a lot of complaints on mailing lists about shortcuts – that developers are used to – that are now missing from FileMaker 11. I may not be able to help restore those shortcuts, but I would like to show you how you can add shortcuts to menu items that do not have one.

Click here to view the video in high-quality.

In addition, you can invoke the “Inspector” by hitting Command + “I”, and you can switch between the tabs by hitting Command + “1” for Position, Command + “2” for Appearance and Command + “3” for Data.

 

Demo of the FMTouch iPhone App with a FileMaker database

Photo by Sandy Hechtman

December 11, 2008: Agnes Riley presented a FileMaker-made-mobile solution to the members of the New York Motion Picture Collective and the New York FileMaker Developer Group. The presentation demonstrated bringing a database from FileMaker to the iPhone through the use of FMTouch.

Click the images below to get a closer look:

Click the image below to see the video:

Now, let’s look at how this is done. To get started with porting your own database to the iPhone or iPod Touch, you will need the following:

It may seem daunting at first, but these simple steps will allow you to begin:

  1. Design your layouts you would like to use on the iPhone according to the style guide;
  2. Buy FMTouch form the iTunes Store;
  3. Download the synch plug-in and place it in your FileMaker?s extension folder, then restart FileMaker.
  4. Make sure the plug-in is enabled.
  5. Set up synching to your database on the iPhone (check the User?s Guide for more on this);
  6. Transfer DDR to iPhone;
  7. Name your Database;
  8. Initialize DDR;
  9. Choose the layouts you want to see;
  10. Re-initialize;
  11. Synch your database to get the data from the computer;
  12. Open your database.

Congratulations! Now that you have a FileMaker database working on an iPhone or iPod Touch, here is a list of tips and tricks that might be helpful to you, as well as observations to be mindful of as you move forward in your own development.

LAYOUT DESIGN

* You can design the layouts based on the example DB and provided style guide. Make sure you pay attention to scrolling with fingers. If you don?t want editable fields to get in the way of scrolling, make sure to lock them down.
* With FMTouch you can show layouts in ?portrait? (vertical), ?landscape? (horizontal) or ?both? modes. The iPhone is not able to differentiate between layouts whether they are designed for portrait or landscape modes. So you cannot simply rotate the phone in the hope that it will switch to a different layout. So, at this point you?re better off locking FMTouch to either vertical or horizontal mode, which you can do if you go to ?Settings? after you click on the little ?i? on the bottom right.
* Every time you change the layouts you would like to show, you have to reinitialize your solution.

LABELS

FMTouch is currently unable to show more than one line in a label showing text on the layout. You can, however, use two different workarounds:

  • You can type every line of text into a new label;
  • Or you can create a calculation field with the text you would like to show and place that on the layout.

FIELDS

You can use container fields in layouts, but they can only show a reference to an image. Only import the reference when you import an image; it will not show in FMTouch otherwise.

SCRIPTING

You can use the following script steps attached to a button on a layout:

  • Go to Layout*
  • Go to Record
  • New Record
  • Delete Record
  • Set Field
  • Go to related record.

* Note: You can use the ?GoToLayout? script step directly from a button, but you cannot use this script step as part of a script, because ?Perform Script? is not a supported script step.

Special thanks to Christina Tsao for her help with the database layouts.

Downnload the instructions (PDF)

I hope this has been helpful.

 

Evernote

This is exactly how I envisioned my application over a year ago, when I started working on it with some developer friends, except one or two EXTRA features, which I am not going to elaborate on.

Evernote, however is an excellent application for collecting notes from the web or your head and then syncing them automatically to different platforms, such as your iPhone. I have already made a nice FileMaker-related notebook on my Mac desktop app from different sources. The information can be tagged and is searchable, as well as you can email notes as PDFs automatically. Two thumbs up, Evernote!

In the image below you can see my collection of FileMaker-related notes:

 

[cta title=”Get Custom Development” btnurl=”/contact” btntext=”Contact Us” btncolor=”blue”]

At ZeroBlue we shine at building custom FileMaker solutions that do exactly what you need them to do with a focus on ease of use paired with crisp interfaces.

[/cta]