Solving an Old Problem
When you consider how to keep information safe, you might first imagine a team of hackers in a dank basement typing and clicking their way into your bank account.
You might not think immediately of physical security, though it is an older and real concern. Even when your data is stored securely on a computer, Jenny or James from Accounting (no offense, Accounting Department) can walk behind you and see the credit card number you are typing in. The person who just ordered a latte at Starbucks could steal a glance at your iPad or iPhone and see someone’s salary. Fortunately, FileMaker 15 offers a quick solution to this problem, with the “Concealed edit box” option for fields.
How it Works
Whatever you type into a field with “Concealed edit box” as the control type, appears as bullets rather than text, even while you are typing it. You can add, edit, paste into, and delete content without anyone seeing what you are doing. You can’t copy the contents of the field, so no one can use copy-and-paste to reveal what is in the field. When you aren’t editing the field, the content appears as 8 bullets, even if the content has fewer or more than 8 characters—although if you leave the field empty, no dots appear.
Limitations
The “Concealed edit box” option does not represent comprehensive security for sensitive data. To truly safeguard your data, you should employ techniques detailed in The FileMaker Security Guide, with special consideration for Encryption at Rest and encrypted communication between clients and servers. The data in such a field is not encrypted. The “Concealed edit box” choice only affects how a field looks. You can perform finds on the field, and Find Matching Records from the contextual menu, just as you would with any other field. If you use Export Field Contents or Export Records, the field value will appear undisguised in the exported file, even if you select the “Apply current layout’s data formatting to exported data” option.
Validating Concealed Data
Since with the “Concealed edit box” option selected, you can’t see the data as you type it in, there is increased risk of mistakes. Consider validating the data using a calculation. For example, if a field contains Social Security numbers, include a test calculated as follows:
Let ( [
s = self ;
lengthOk = length ( s ) = 11 ; //Make sure it’s 11 characters.
hyphensOk = patterncount ( s ; “-” ) = 2 ; //There should be 2 hyphens.
separated = substitute ( s ; “-” ; ¶ ) ; //I’ll separate the SSN into 3 segments so I can make sure each one has the proper length.
firstSegment = getvalue ( separated ; 1 ) ;
secondSegment = getvalue ( separated ; 2 ) ;
thirdSegment = getvalue ( separated ; 3 ) ;
firstSegmentOk = length ( firstSegment ) = 3 ;
secondSegmentOk = length ( secondSegment ) = 2 ;
thirdSegmentOk = length ( thirdSegment ) = 4
] ;
lengthOk and hyphensOk and firstSegmentOk and secondSegmentOk and thirdSegmentOk
)
With this calculated validation, you can set up the system to tell users if they forget a digit or mistype.
A Helpful Tool in the Toolbox
In keeping the eyes of passersby off of important data, “Concealed edit box” helps keep your data secure. When used in combination with other powerful security options from FileMaker, it effectively mitigates the risks of storing sensitive data.