FileMaker Security Levels By Function

From Dwayne Wright PMP, PMI-ACP, CSM
Certified FileMaker Developer

TWITTER: dwaynewright
YOUTUBE: FileMakerThoughts

Generally speaking, security levels can be broken down into the following segments. This can be a handy way to look at security as you reflect how it pertains to the FileMaker solution you want to protect.

NO ACCESS - Some people should have absolutely no access to anything in a FileMaker file. If possible, they should not be able to find out the file exists. There are ways to hide a FileMaker file on a network to casual browsing.

NO ACCESS BUT INFORMATION LINKING - Some users should not be able to see anything in a FileMaker table. The user will need to have some access to the file because other resources they use do need access.

OBSERVATION & SEARCHING OF INFORMATION - A user needs to view or search for information within a FileMaker solution. The access level can be controlled to include some or all fields and layout screens. This can be used by individuals that check status such as reservations or as part of a web page that does the same thing. This security level cannot add, edit or delete data in the file. This level may or may not need printing privileges.

THE CREATION OF INFORMATION - This security level can open the table, click a new record button, enter in information and repeat the last two steps. They normally don’t need access to a lot of layouts, scripts or other files. This access may be used by temporary employees, new hires or users from other office departments.

THE CREATION & SEARCHING OF INFORMATION - A user needs to create new information and possibly perform searches. The access level can be controlled to include some or all fields and layout screens. These users may need to search the database to make sure that a record does not already exist before they type it in. They may need access to a data entry screen, a search screen and a search results screen.

RECORD ENTRY OR EDITING - This includes creating new records, searching for records and editing existing records. This is normally includes the folks on the administrative side of the fence. You know them, they are the ones with the keys to the office supply cabinet.

VIEWING OF DATA AND OCCASIONAL RECORD ENTRY - This can include users that can see information in some tables and add data to some tables. My online FMP 7 article database for example allows some accounts to view articles but does not allow new articles or editing of existing articles ... except for ... the feedback table. Here a user can add new records that supply feedback information about a particular article.

THOSE THAT BLESS - These are those that bless a record so it can go further up the administrative chain. An example would be the admin department blessing an order to go to shipping. These folks may need to perform searches and they may not. Many times you can rig up a portal that allows them to batch bless records. Each portal item may have a button that allows them to see the specifics of a record in order to make a blessing based decision.

ALL ACCESS / NO DESIGN - These are the individuals that need access to all areas of the database but do not have or need designer level access. This is normally the upper level managers or department supervisors. You may still want to hide a thing or two from a design perspective. Giving any user too much access can cause design problems. Can you seriously think you can design a FileMaker file to anticipate what all users will do under all the diverse business situations that may arise?

DESIGNER ACCESS - Full access to everything. This goes beyond the master password. You also need access to the machine the files reside on both in the office and remotely from home.

More info about the author and FileMaker in general, contact me at

© 2007 - Dwayne Wright -

The material on this document is offered AS IS. There is NO REPRESENTATION OR WARRANTY, expressed or implied, nor does any other contributor to this document. WARRANTIES OF MERCHANT ABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE EXPRESSLY DISCLAIMED. Consequential and incidental damages are expressly excluded. FileMaker Pro is the registered trademark of FileMaker Inc.