Security is something that we and our customers need to contribute to.
We take the security of your data very seriously. Our data centre is ISO 27001 accredited.
The servers are housed in a locked rack in a locked room with physical security and controlled access. Power protection is provided by batteries and emergency generator. The data centre has multiple fibres to the internet and an advanced fire protection system. We use SSL encryption for fmapp connections, For users using WebDirect the web publishing solution FileMaker introduced in version 13 onwards all services are SSL encrypted and users will see a lock symbol.
We have one old FileMaker Server 12 that is not encrypted with SSL to provide compatibility with existing customers with older systems and those who want to use the old web publishing system (IWP) but we encourage users to opt for our sever 14/15 servers.
Your file’s security is something that you should take seriously. This video explains the basics of setting up your database security settings including passwords and access levels. (Even when you have set up passwords beware that if you have set your file to auto logon in file options the won’t be much use!)
Users with a copy of FileMaker Pro Advanced can supply us with files set to ‘Encryption at rest’. This requires you to enter a password on the server control panel when first opening files on the server and will also mean you need to do this again very occasionally when we move to new or standby hardware. With Encryption at rest your database and all our backups will be encrypted when ever stored on disk using the password only you know. If you ever loose that password we will be unable to help you so please consider this if you decide on this option. It is also a good idea to give a second person your password if your database is used by a group of people. That way there is not a problem if we move to standby equipment while you cannot be contacted or are ill.
We encourage the use of external storage for container fields as it improves performance. However you should set these for encryption if they are confidential as server admistrators can view them when upgrading the server etc. Encryption does slow the delivery of your files so open storage is best if the contents are not confidential .