Hi everyone!

I'm new to FileMaker, and have a philosophical question regarding security.

We plan to implement a single database (on FileMakerServer) of sensitive information (think sales leads). Each lead will be assigned to a sales rep. We want to then distibute the DB in Filemaker Go format to our sales force, all of whom have iPads. We want each sales rep to see only his/her leads.

The question is - should we send the entire DB to every sales rep and use programming/admin techniques to try and restrict access to only their records, or would it be better to send a subset of the data to each rep, the subset being only their leads? Would it be easy to produce a few hundred FileMaker GO files (each identical except for the data content), or easier to implement some sort of filtering security?

Thanks!

Are you planning to host this database on FileMaker Server, and have FM Go clients connect to the server to access the database?

Or will you be distributing the database to each device, so it is local on their system? If so, how do you plan to get new data into their database?

What needs to be done with the data once the sales reps have it/after they are done with it?

Hi Dan,

Thanks for your reply. We will be distributing a DB to each device, so they can work without an internet connection. The comprehensive (all leads) DB will be maintained on FMServer. We're planning to periodically email a DB file to each iPad. The file we mail would replace any existing (older) file on the device.

As regards to what will happen once the DB is on the device, we'll probably have them record sales calls (date of the call and maybe some notes) and then sync that back to the Server DB when they can get an internet connection.

That's the plan anyway, so the question is, is it feasible to customize (limit) the data content in each DB we send to each device, or is it better to send the entire comprehensive DB and use programming or admin tools to limit access to only those records relevant to each individual?

I think your general approach should be re-evaluated.

I haven't used it, and can't give you any advice for using it, but this product is made for syncing FM Go with a hosted database: http://www.seedcode.com/cp-app/ste_cat/gozync

Try to avoid continually re-distributing a database with new data; I think this will cause headaches for you. Yes, I think you should restrict access to records based on the current user, but that should be done on the hosted file. You may be able to have users connect to the hosted file to download only their data, then the local database on the iOS devise would only pertain to that user, so you wouldn't need to restrict access on a per-record basis there.

Thanks Dan, I think that approach will work for the current project.

I strongly urge you to use the most robust security possible on this system. All it would take is for one of the mobile devices to fall into the wrong hands and an attack could be launched to retrieve your confidential data. Set up strong passcodes on the mobile device and enable the wipe data feature.

Steven