Security
GoZync4.Security History
Show minor edits - Show changes to markup
You'll find this "Sync" privilege set in GoZyncMobile as well so if you log GoZyncMobile in using "Sync" in your Upon Opening script AND GoZyncMobile and GoZyncHosted have the same account name and password for the "Sync" privilege set, you can turn off the File Options account in GoZyncHosted. That is idea.
So in this ideal setup it would look like this:
'!! Authentication (Files on your iPhone or iPad)
Authentication (Files on your iPhone or iPad)
Authentication
Local files (Files on your iPhone or iPad)
Local Files
'!! Authentication (Files on your iPhone or iPad)
Hosted Files
Hosted Files
Then, when you need to log in as an admin user, run the "Relogin" script from GoZyncHosted and enter your Admin account and password. (You likely want to switch this from Admin / blank which is the FileMaker default for admin accounts and a bit easy to guess.)
Then, when you need to log in as an admin user, run the "Relogin" script from GoZyncHosted and enter your Admin account and password.
Changing default Full Access accounts
You'll likely want to switch the default Full Access account fro both GZM and GZH from Admin / blank which is the FileMaker default for admin accounts and a bit easy to guess.
http://www.seedcode.com/rootimages/pmwiki/gozync/syncprivset.png
http://www.seedcode.com/rootimages/stikipad/gozync/syncprivset.png
GoZyncHosted doesn't have any file references to your hosted solution (your "mothership" files) but it does contain your configuration instructions, so you don't want just any user messing around in there. We've created two privilege sets in GoZyncHosted: "Admin" and "Sync". Admin is a full access privilege set and "Sync" is a lower level access that lets users sync but not change the sync settings. We recommend you default GoZyncHosted to the sync privilege set, and then log in as an admin user when you want to make changes to the sync settings
GoZyncHosted doesn't have any file references to your hosted solution (your "mothership" files) but it does contain your configuration instructions, so you don't want just any user messing around in there. We've created two privilege sets in GoZyncHosted: "Admin" and "Sync". Admin is a full access privilege set and "Sync" is a lower level access that lets users sync but not change the sync settings. We recommend you default GoZyncHosted to the sync privilege set, and then log in as an admin user when you want to make changes to the sync settings.
To do this, open GoZyncHosted and select File Options from FileMaker's File menu. The under the "Open" tab, enter the default Account and Password for the "Sync" privilege set: both of which are "Sync":
http://www.seedcode.com/rootimages/pmwiki/gozync/syncprivset.png
Then, when you need to log in as an admin user, run the "Relogin" script from GoZyncHosted and enter your Admin account and password. (You likely want to switch this from Admin / blank which is the FileMaker default for admin accounts and a bit easy to guess.)
You really don't need to secure your files any differently than you do now: syncing users will be asked to authenticate
You really don't need to secure your files any differently than you do now: syncing users will be asked to authenticate when they sync begins and if their login fails the sync will abort.
GoZyncHosted doesn't have any file references to your hosted solution (your "mothership" files) but it does contain your configuration instructions, so you don't want just any user messing around in there. We've created two privilege sets in GoZyncHosted: "Admin" and "Sync". Admin is a full access privilege set and "Sync" is a lower level access that lets users sync but not change the sync settings. We recommend you default GoZyncHosted to the sync privilege set, and then log in as an admin user when you want to make changes to the sync settings.
GoZyncHosted doesn't have any file references to your hosted solution (your "mothership" files) but it does contain your configuration instructions, so you don't want just any user messing around in there. We've created two privilege sets in GoZyncHosted: "Admin" and "Sync". Admin is a full access privilege set and "Sync" is a lower level access that lets users sync but not change the sync settings. We recommend you default GoZyncHosted to the sync privilege set, and then log in as an admin user when you want to make changes to the sync settings
If you do choose to require authentication in the local file, users will be asked to authenticate when they:
If you do choose to require authentication in the local file, users will be asked to authenticate each time they open the file. If you're breaking connections to the served files often, users will also be asked to log in...
So here are our recommendations for securing your mobile files (you do this to GoZyncMobile as well if you wish).
So here are our recommendations for securing your mobile files (you can do this to GoZyncMobile as well if you wish).
When it comes to your hosted files, your mobile file will actually first connect to an intermediary file: GoZyncHosted (here is a map of how all this work). When "pushing" this is the only file that opens. When "pulling" or "round-tripping", both GoZyncHosted and your mothership file are opened.
When the remote file hits the GoZyncHosted, you should ask for the user to authenticate. This means you should add user accounts to GoZyncHosted (GZH). GZH then sends its contents to the main solution either as part of a pull or round trip (in which case a user authenticates into your main solution) or as a script schedule, which is itself run under an authenticated account. (Learn more about automated processing?.)
If you choose to require authentication in GoZyncHosted, users will be asked to authenticate:
You can also use "file protection" (introduced in FileMaker 11) between the remote and intermediary files if you'd like, and/or between intermediary and the main solution.
When it comes to your hosted files, GoZyncMobile will open your hosted solution (your "mothership" files) at the beginning of a sync session. This is when users will be asked to log into your solution.
Our Recommendations: Your Hosted Files
You really don't need to secure your files any differently than you do now: syncing users will be asked to authenticate
Though each deployment will have to consider their unique security requirements, the following recommendations offer the best user experience for working your local GoZync file.
GoZyncHosted doesn't have any file references to your hosted solution (your "mothership" files) but it does contain your configuration instructions, so you don't want just any user messing around in there. We've created two privilege sets in GoZyncHosted: "Admin" and "Sync". Admin is a full access privilege set and "Sync" is a lower level access that lets users sync but not change the sync settings. We recommend you default GoZyncHosted to the sync privilege set, and then log in as an admin user when you want to make changes to the sync settings.
Get Account name for filtering found sets: two methods
1. Make a simple script in your hosted file that returns account name as a script result. (create example in QuickContactHosted).
2. Create accounts and passwords in GZM to match your hosted files.
Get Account name for filtering found sets: two methods
1. Make a simple script in your hosted file that returns account name as a script result. (create example in QuickContactHosted).
2. Create accounts and passwords in GZM to match your hosted files.
It is up to you to decide if you want to require users to authenticate in to your mobile file on their iOS device. Many users will choose to use an auto-enter account and password so local users won't be asked to authenticate each time they open the mobile file. This makes more sense in syced files than others because a) the file often doesn't have any/much data in it, b) you can instruct users to secure the device with strong passwords, instead of securing the file, and c) the local file has no account information (no access) for the hosted files.
It is up to you to decide if you want to require users to authenticate in to your mobile file on their iOS device. Many users will choose to use an auto-enter account and password so local users won't be asked to authenticate each time they open the mobile file. This makes more sense in synced files than others because a) the file often doesn't have any/much data in it, b) you can instruct users to secure the device with strong passwords, instead of securing the file, and c) the local file has no account information (no access) for the hosted files.
It is up to you to decide if you want to require users to authenticate in to your mobile file on their iOS device. Many users will chose to use an auto-enter account and password so local users won't be asked to authenticate each time they open the mobile file. This makes more sense in syced files than others because a) the file often doesn't have any/much data in it, b) you can instruct users to secure the device with strong passwords, instead of securing the file, and c) the local file has no account information (no access) for the hosted files.
It is up to you to decide if you want to require users to authenticate in to your mobile file on their iOS device. Many users will choose to use an auto-enter account and password so local users won't be asked to authenticate each time they open the mobile file. This makes more sense in syced files than others because a) the file often doesn't have any/much data in it, b) you can instruct users to secure the device with strong passwords, instead of securing the file, and c) the local file has no account information (no access) for the hosted files.
And if you're concerned about theft of the mobile device, check out the Remote Wipe available here: http://www.apple.com/ipad/built-in-apps/find-my-ipad.html Note that you can also turn off "simple passcodes" in your iPhone or iPad's settings to use longer, more secure device passwords.
If you're concerned about theft of the mobile device, check out the Remote Wipe available here: http://www.apple.com/ipad/built-in-apps/find-my-ipad.html Note that you can also turn off "simple passcodes" in your iPhone or iPad's settings to use longer, more secure device passwords.
Local files. (files on your iPhone or iPad)
Local files (Files on your iPhone or iPad)
Users will also be asked to authenticate each time they return to an open local file (such as after switching away to another ap, or after closing their iPad) unless they enable the fmrestorelogin extended privilege. This is enabled in our Mobile.fp7 file by default for the [Full Access] privilege set.
You'll likely want to add this to the privilege set your users are using for the Mobile.fp7 file as well.
Users will also be asked to authenticate each time they return to an open local file (such as after switching away to another ap, or after closing their iPad) unless you use the fmreauthenticate extended privilege to control when users will be required to reauthenticate after not using FileMaker Go for a specified period of time. You'll likely want to add this to the privilege set in effect on your iOS Devices.
Our Recommendations: Your Mobile Files
So here are our recommendations for securing your mobile files (you do this to GoZyncMobile as well if you wish).
When it comes to your hosted files, your mobile file will actually connect to an intermediary file: GoZyncConnector (here is a map of how all this work).
When the remote file hits the intermediary, you can choose to ask for the user to authenticate, but they only need to log into the intermediary file: your remote users don't need accounts in your master solution. The intermediary, GoZyncConnector, then sends its contents to the main solution either manually (in which case a user authenticates into your main solution) or as a script schedule, which is itself run under an authenticated account. (Learn more about automated processing?.)
If you choose to require authentication in GoZyncConnector, users will be asked to authenticate:
When it comes to your hosted files, your mobile file will actually first connect to an intermediary file: GoZyncHosted (here is a map of how all this work). When "pushing" this is the only file that opens. When "pulling" or "round-tripping", both GoZyncHosted and your mothership file are opened.
When the remote file hits the GoZyncHosted, you should ask for the user to authenticate: this means you should add user accounts to GoZyncHosted (GZH). GZH, then sends its contents to the main solution either as part of a pull or round trip (in which case a user authenticates into your main solution) or as a script schedule, which is itself run under an authenticated account. (Learn more about automated processing?.)
If you choose to require authentication in GoZyncHosted, users will be asked to authenticate:
Our recommendations.
Our Recommendations: GoZyncHosted
For larger customers, Apple has a suite of Mobile Device Management (MDM) applications to help secure devices, push profile changes, pull applications and monitor password compliance. Learn more here: http://www.apple.com/iphone/business/integration/mdm/
For larger customers, Apple has a suite of Mobile Device Management (MDM) applications to help secure devices, push profile changes, pull applications and monitor password compliance. This can help more thoroughly secure your iOS devices. Learn more here: http://www.apple.com/iphone/business/integration/mdm/
Layouts
Several of the layouts in our sample mobile file are exposed in the layout menu. This is done to make it easier for developers to get in there and hook up the files to their solutions. When you deploy these files you'll want to make sure that only the solution specific layouts are exposed in the layout menu, hiding any layouts in the Under the Hood menu. Same goes for the GoZyncConnector file.
Local files.
It is up to you to decide if you want to require users to authenticate in to your mobile file on their iOS device. Many users will chose to use an auto-enter account and password so local users won't be asked to authenticate each time they open the mobile file. This makes more sense in GoZync files than others because a) the file often doesn't have any data in it, b) you can instruct users to secure the device with strong passwords, instead of securing the file, and c) the local file has no account information (no access) for the hosted files.
Local files. (files on your iPhone or iPad)
It is up to you to decide if you want to require users to authenticate in to your mobile file on their iOS device. Many users will chose to use an auto-enter account and password so local users won't be asked to authenticate each time they open the mobile file. This makes more sense in syced files than others because a) the file often doesn't have any/much data in it, b) you can instruct users to secure the device with strong passwords, instead of securing the file, and c) the local file has no account information (no access) for the hosted files.
Enterprise customers: MDM
For larger customers, Apple has a suite of Mobile Device Management (MDM) applications to help secure devices, push profile changes, pull applications and monitor password compliance. Learn more here: http://www.apple.com/iphone/business/integration/mdm/
And if you're concerned about theft of the mobile device, check out the Remote Wipe available here: http://www.apple.com/ipad/built-in-apps/find-my-ipad.html
And if you're concerned about theft of the mobile device, check out the Remote Wipe available here: http://www.apple.com/ipad/built-in-apps/find-my-ipad.html Note that you can also turn off "simple passcodes" in your iPhone or iPad's settings to use longer, more secure device passwords.
And if you're concerned about theft of the mobile device, check out the Remote Wipe available here: http://www.apple.com/ipad/built-in-apps/find-my-ipad.html
- Finally your intermediary file, GoZyncConnector, doesn't need any accounts that are shared with your main solution unless you're processing your inbox automatically?; if you're processing by hand, you'll simply be asked to authenticate into your solution when you process your first InBox record.
It is up to you to decide if you want to require users to authenticate in to your mobile file on their iOS device. If you do choose to require authentication, you'll want to add the
> > privilege set stuff for preventing constant auth requests.
Local files.
It is up to you to decide if you want to require users to authenticate in to your mobile file on their iOS device. Many users will chose to use an auto-enter account and password so local users won't be asked to authenticate each time they open the mobile file. This makes more sense in GoZync files than others because a) the file often doesn't have any data in it, b) you can instruct users to secure the device with strong passwords, instead of securing the file, and c) the local file has no account information (no access) for the hosted files.
If you do choose to require authentication in the local file, users will be asked to authenticate when they:
Users will also be asked to authenticate each time they return to an open local file (such as after switching away to another ap, or after closing their iPad) unless they enable the fmrestorelogin extended privilege. This is enabled in our Mobile.fp7 file by default for the [Full Access] privilege set.
You'll likely want to add this to the privilege set your users are using for the Mobile.fp7 file as well.
Hosted Files.
If you choose to require authentication in GoZyncConnector, users will be asked to authenticate:
Our recommendations.
Though each deployment will have to consider their unique security requirements, the following recommendations give, we believe the best user experience for working your local GoZync file.
- Finally your intermediary file, GoZyncConnector, doesn't need any accounts that are shared with your main solution unless you're processing your inbox automatically?; if you're processing by hand, you'll simply be asked to authenticate into your solution when you process your first InBox record.
You can also use "file protection" (introduced in FileMaker 11) between the remote and intermediary files if you'd like, and/or between intermediary and the main solution.
You can also use "file protection" (introduced in FileMaker 11) between the remote and intermediary files if you'd like, and/or between intermediary and the main solution.
When the remote file hits the intermediary, you can choose to ask for the user to authenticate, but they only need to log into the intermediary file: your remote users don't need accounts in your master solution. The intermediary, GoZyncConnector, then sends its contents to the main solution either manually (in which case a user authenticates into your main solution) or as a script schedule, which is itself run under an authenticated account. (Learn more about automated processing?.)
When the remote file hits the intermediary, you can choose to ask for the user to authenticate, but they only need to log into the intermediary file: your remote users don't need accounts in your master solution. The intermediary, GoZyncConnector, then sends its contents to the main solution either manually (in which case a user authenticates into your main solution) or as a script schedule, which is itself run under an authenticated account. (Learn more about automated processing?.)
Several of the layouts in our sample mobile file are exposed in the layout menu. This is done to make it easier for developers to get in there and hook up the files to their solutions. When you deploy these files you'll want to make sure that only the solution specific layouts are exposed in the layout menu, hiding any layouts in the Under the Hood menu. Same goes for the GoZyncConnector file.
Several of the layouts in our sample mobile file are exposed in the layout menu. This is done to make it easier for developers to get in there and hook up the files to their solutions. When you deploy these files you'll want to make sure that only the solution specific layouts are exposed in the layout menu, hiding any layouts in the Under the Hood menu. Same goes for the GoZyncConnector file.
Authentication
It is up to you to decide if you want to require users to authenticate in to your mobile file on their iOS device. If you do choose to require authentication, you'll want to add the
> > privilege set stuff for preventing constant auth requests.
When it comes to your hosted files, your mobile file will actually connect to an intermediary file: GoZyncConnector (here is a map of how all this work).
When the remote file hits the intermediary, you can choose to ask for the user to authenticate, but they only need to log into the intermediary file: your remote users don't need accounts in your master solution. The intermediary, GoZyncConnector, then sends its contents to the main solution either manually (in which case a user authenticates into your main solution) or as a script schedule, which is itself run under an authenticated account. (Learn more about automated processing?.)
You can also use "file protection" (introduced in FileMaker 11) between the remote and intermediary files if you'd like, and/or between intermediary and the main solution.
Layouts
Several of the layouts in our sample mobile file are exposed in the layout menu. This is done to make it easier for developers to get in there and hook up the files to their solutions. When you deploy these files you'll want to make sure that only the solution specific layouts are exposed in the layout menu, hiding any layouts in the Under the Hood menu. Same goes for the GoZyncConnector file.