Least Privilege Design Principles
IntermediateApply the principle of least privilege to every access decision in a FileMaker solution.
What you'll learn
- What least privilege means in FileMaker terms
- Applying least privilege to users, scripts, and service accounts
- Reviewing and tightening existing privilege sets
- Balancing security with usability
The principle of least privilege says every user, process, and account should have only the minimum access required to do their job -- nothing more. In FileMaker, this means designing privilege sets that are as restrictive as possible without impeding legitimate work. It is a design philosophy, not a single setting.
Start from no access
When creating any new privilege set -- for a user role, a service account, or a script runner -- start from "no access" on everything. Add only the minimum permissions the role requires. This means you consciously approve every permission you grant rather than accidentally leaving inherited permissions in place.
Sign in to track your progress and pick up where you left off.
Sign in to FM Dojo