In filemaker, the main security kicks in once a user selects a file to open. Thus an unauthorized user may be able to see the name of one or more files in the open remote dialog, but they shouldn't be able to open the file without using a valid account name and password.
I understand this and I guess the question I should have asked or maybe my following question here is, how safe is the filemaker security feature?
My concern here is some hacker getting in and deleting, changing, or even worst taking my information.
I set up all the individual accounts and made sure the passwords are not easy to guess but im not a hacker or anything close so how would I really go about testing this or how do i know how safe my information really is.
I have the same worry, what if your ex employee install another copy of fmp in his computer at home, and key-in the same information in open remote. Ok, you may ask me to change the username and password, what if I have a spy in my office. Username and password can be leak out at that very moment, and outsider can access the database easily. Is there a way to fixed certain pc into the "allow access " list? I just don't know how? Any pro can help?
Your first line of defense is to have a pro set up firewalls and a VPN into your server. Then make sure all all accounts have strong passwords and require users change passwords every few weeks. Set the FMS to allow the user to only see the files they have privileges for (this results in a double challenge once to get into FMS and again to gain access to a file.). Create a user log in your main db that creates a record when the user logs in and back out and review the logs. Review your server logs to see who is getting in and trying to get in. Delete the accounts of former employees ASAP upon them becoming former. And lastly FM Server does provide for SSL encryption, but it does slow things down. The necessity of all of this is a function of value of the data.