Profile
One of our analysts was brought in to this international
pharmaceutical giant to create a security "front end" behind
which all existing FileMaker-based database systems in that
part of the company (as well as a brand new system under
development by us) could be placed, in order to meet every
requirement of an electronic system in a strictly government
(FDA) regulated environment. (Because of our non-disclosure agreement,
we can't show you actual screen shots of the system we built,
so we'll show screens from a prototype that we had developed
previously and upon which this system was based.)
Challenge
The primary challenge was coming up with a security "shell" that
was intuitive, was easily managed by a non-programmer, and met each
and every FDA (and every corporate Computer Systems Quality
Control) requirement for electronic records/electronic signatures
(called ER/ES for short), such that the system could be officially
"validated" as a secure, accurate system approved for use with critical
pharmaceutical manufacturing data. In addition, many of the
existing systems that were to be put behind this security
front-end were not built by "programmers" and had,
in some cases, to be completely analyzed and, in most cases,
partially or completely rebuilt first so as to be compatible
with the new security module. At the same time, we were able
to trim and streamline the existing code for smarter, faster
systems. Last, in addition to all of the programming, we
wrote the complete validation "package" for each
system, which includes many scores of pages of official documents
covering the requirements, design, testing, security, periodic
review, document location and control, and approval process
of the system for the company's permanent archive.
Solution
The solution we built uses a combination of FileMaker Pro,
network security, FileMaker Server, and a few plugins to
create a simple, easy to understand, easy to administer security
shell that, we feel, in combination with the company's "wickedly
comprehensive" physical security infrastructure, is
generally impervious to nefarious attacks. In addition, the
system was fully validated, which means, at least in the eyes
of this client, that the system will stand up against any
computer system audit that the FDA might throw at it.
System
The security shell itself is made up of only three tables: the
Main Menu, the Users file and the Audit Trail file. Any existing
FileMaker system that needs to be plugged into the shell
needs a few scripts and a few fields added to each table
in the system, and the data entry layouts need to be slightly
modified and locked down. The passwording scheme is also
simplified and standardized and, at that time, the code was
fully commented and optimized.
Special Features
The Troi Coding plug-in is used to encrypt passwords in
the system to prevent them from being intercepted on the
network.

Every department has its own "Department
Main Menu" which shows a user their open projects,
notifications and projects they have billed time to.

This is the database system's main menu.
The red buttons will only appear for "admin" users.

This is the browse screen for a user
record in the security administration section of the security
shell.

Every change made to data in the database
system is logged here, down to the field level, including
what the data was before and after the change, who made
the change and when. Also, every logon and failed logon attempt
is logged.

This is the "browse only" view
for one of the data entry areas of the database systems.
Only certain users can enter data. Others are "read
only" users.