Saw this on the FBA forum, by Steven Blackwell - by far the most knowledgeable expert on FM security.
If you are going to Devcon, make sure you attend his session. If you are not going: consider going, this is vital information.
Security Audit of A FileMaker System
So far in 2015 we seem well on the way to having a record-breaking year for data breaches. Simply stated, we are now in an era of continuous breaches, some of them very significant in terms of the number of, and the sensitivity of, data records exposed.
Organizations must expect they will suffer breaches. The question has now become, “How can losses be held to a minimum?” when a breach occurs. Some observers and information security experts have labeled this concept as the safe breach. While I am not particularly enamored with that terminology, it nevertheless reflects a realistic viewpoint about the state of information security today.
At the upcoming 20th FileMaker Developer Conference to be held in Las Vegas, Nevada, July 20-23, I am pleased to have the opportunity to present a program entitled “What Would I Find If I Did A Security Audit Of Your FileMaker System?” This will be on Wednesday, July 22nd at 3:45 PM.
In over two decades of FileMaker Platform work, through all nineteen prior Developer Conferences I have attended, I have seen a large number of vulnerabilities in deployed FileMaker Platform systems. FileMaker security vulnerabilities usually stem from one or more of four sources. In this session I will review a number of these vulnerabilities and describe how to close them.
Steven H. Blackwell
Platinum Member Emeritus
FileMaker Business Alliance