With the separation model, what is the approach to security in the data files? Specifically restricting access to particular fields?

Toffler

Well, there are several methods:

1 - you can create all the accounts in the data file and set privs as you would usually do.

2 - you can set an account in the data file that has some general restrications, and in the "file options" choose this account as the defual startup account.

This way you can lock status bar and menu bar and a user that trys to open this file will get an empty layout and no functionality at all.

All the record-base restriction will be done from the GUI file.

3 - you can combine the two methods above the user will authenticate through the gui and in the data file you have two options : first option will be as method 1 above . second option will be a table in the data file which specifies for each user his permissions (it can be per location,department, etc...) and basically use a dynamic account that changes permissions per user by matching it to the record parameters. usuualy this requires you to add a field "write permissions" that calculates the privs and then the account is using this field as a boolean expression...

4 - Just give it full access and let the users be responsible for it.

I used every method above as each method was suitable for a different solution.

Maybe there are more methods, but I usually work with these.

The most secure one, in my opinion, is an impementation of the first option in method 2.

The most flexible-secure one is the second option in method 2.

Just my 2 cents....