Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

Security limitations

fed

By fed
in Security Concepts

 Share

This topic is 5021 days old. Please don't post here. Open a new topic instead.

Recommended Posts

fed Community Regular

fed

Posted
Posted

I use my FMP solution in a medical practice. For this reason, it is very important to keep the data secure. Currently, when I leave the office, I close the database, and store it in a password protected DMG on my mac.

I am thinking about using FMgo on my iPad to bring patient information with me on the road. I am not using a server, but rather keep the database local.

My question is:

How secure is the database?

I am worried that if I lose my iPad, someone could hack into the database and access the data somehow. I suppose a similar question is:

Am I overdoing it by placing a password protected database in a password protected DMG?

Thanks,

Fed

Vaughan Grand Master

Vaughan

Posted
Posted

If somebody can get physical access to a file it can be cracked open, given sufficient time.

There are some white papers on security on the FMI web site, it's best to refer to these.

In my experience the maximum security is offered by:

maintaining a physically secure computer to act as host (remember to secure the backups too)

running FM Server on this host computer

setting up access privileges and accounts with strong passwords in the database file to restrict access

Having a copy of the database on your mobile device does not sound secure to me.

fed Community Regular

fed

Posted
  • Author
Posted

That is what I was afraid of. Thanks.

comment Grand Master

comment

Posted
Posted

Nothing can be absolutely secure - the only question is what is reasonable in the circumstances.

I'd put the office file on an external disk, and lock the disk (physically) when leaving the office - same as you would do with a paper-based file cabinet.

As for the iPad, using a file with admin access removed would seem reasonable enough to me - but it is really between you and your insurance company, I think.

Steven H. Blackwell Grand Master

Steven H. Blackwell

Posted
Posted

As for the iPad, using a file with admin access removed would seem reasonable enough to me - but it is really between you and your insurance company, I think.

How does this protect the confidentiality of the data? How does this protect the database against having the data culled out of it?

Steven

fed Community Regular

fed

Posted
  • Author
Posted

If somebody can get physical access to a file it can be cracked open, given sufficient time.

There are some white papers on security on the FMI web site, it's best to refer to these.

In my experience the maximum security is offered by:

maintaining a physically secure computer to act as host (remember to secure the backups too)

running FM Server on this host computer

setting up access privileges and accounts with strong passwords in the database file to restrict access

Having a copy of the database on your mobile device does not sound secure to me.

What about security if the database is on FMserver? I tend to worry about security of online solutions.

This topic is 5021 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept