4 Replies Latest reply on Jan 28, 2017 1:45 PM by wimdecorte

    Protection during development


      Hi everybody


      I need someone external from my company to review and improve my FileMaker solution so he needs full-access account

      How to protect my solution from being copied or to leave an indelible trace in the file in order to prove that I developed the solution in case this person make a copy.


      I was thinking to create a pop up windows at the lunching of the solution and to secure it (no access, no modification ) for the "review account" but maybe you have a better idea



        • 1. Re: Protection during development

          If this person needs schema access to do their job, then you're only option is Full Access.  There's nothing you can do to stop them at that point.  If the file(s) are hosted and the developer doesn't have access to FileMaker Server and the server's OS, then at least they can't just download it.  However, with Full Access, someone can easily copy your data, tables, layouts and scripts separately in order to recreate it later on.


          The most powerful tool you can use to protect yourself is to use a reputable firm that has a history of serving other clients.  Our developers sometimes sign non-disclosure agreements if clients request it.  We also carry insurance that protects our clients as well.  Choose a development firm that offers this and more if you're concerned.

          • 2. Re: Protection during development

            If you are hosting file from server, you need not grant access to the server admin console nor the actual server machine--which would be needed to either download a copy or grab a back up copy.


            You can use encryption at rest to encrypt the file. The file on the server will still be one that can be opened and reviewed, but any physical copy cannot be opened without using the encryption key.


            But this only prevents copying the file. A full access user cannot be prevented from copying out specific features--such as scripts or custom functions.

            • 3. Re: Protection during development

              nicodsg wrote:


              leave an indelible trace in the file in order to prove that I developed the solution in case this person make a copy


              Having a timestamped backup of the solution prior to giving it out should prove that before anything you owned it.


              Everything else is a waste of time: if you have to give the admin pw to somebody and he knows what he's doing (using FMPA+admin pw) then you're screwed.

              • 4. Re: Protection during development

                Depending on the nature of the review, perhaps you can just run a BaseElements analysis on it and provide that.  Obviously that too wouldn't prevent someone from copying and pasting bits of the schema and scripts.