Thanks to its IBM Domino powered server engine, PickaForm has a very powerful security model, which works mainly as a funnel, from the highest level to the lowest level
In this post, I will detail how it works.
1. Access to the server
The first level is obviously the access to the server, which allows you to authenticate with your username (email address) and your password.
2. Access to applications
Every application you create with PickaForm generates a new database on the server, and this database is dedicated to you: access to this database is locked for your unique identifier.
Unlike many cloud services that use a single huge database for all their customers, PickaForm does not mix any data. This has several advantages:
– it is impossible for a software bug to mix data from multiple customers
– it is impossible for a software bug to allow a customer to mistakenly access data from another customer
– the data backup is much more modular
– in the event of a problem on a database, the impact is very local because it concerns only one application of a single client
– we can easily restore data from one application without risk to other databases
Of course, you can decide, for each application, who can access it.
Your users will only see on their workspace the applications for which they have an access:
To change access to your applications, you must go to your Account Management and then to the Applications section:
Double-click an application in the list and edit the Access rights section:
3. Access to forms
Forms are at the heart of PickaForm as they allow you to create new data in your applications. However, we can restrict who can create what.
When they click on the button Create new data, the users will only see the forms for which they have a right of creation:
To modify who can create a certain type of data, go to the section Setup your application> Forms, then double-click on the form to be secured:
The Security section allows you to adjust 3 things:
(a) who can create new data from this form
(b) who will be able to read the data created from this form
(c) who can modify the data created from this form
Note that for points (b) and (c), this will simply set default rights on the created data.
4. Access to lists
Lists allow users to view all the data in an application in an organized manner, like this:
When users access an application, they do not necessarily see all the available lists, which can be independently secured.
To show or hide a list, simply switch to design mode clicking the wrench icon or using the list context menu:
Then click the List Properties button:
You’ll be able to adjust who can see the list:
5. Access to records (documents)
In PickaForm, every data of an application can be individually secured for reading and/or writing.
It is important to understand that if a data is not readable for a given user, then this data will not appear for him in any of the application lists.
You can also enable the form Security feature, so you can adjust the security of a data directly from it.
To do this, from a data, click the Edit form features button, and then enable the Security feature:
Your data will then contain a new section allowing you to adjust the security of the data individually:
6. Access to form sections and form fields
Once a user could connect to the server, open an application, open a list, and open a data, it does not mean that he accesses all the information of this data!
Indeed, a form can be composed of several sections that can be secured differently, and each field can also be accessible for reading and / or writing individually.
To adjust the security of sections and fields of a form, you must go into Design mode with the Edit the form button:
Then double-click on the section or the field to secure, and go to the Access tab:
That’s it !
As you can see, it’s really easy.
Conclusion
We have just seen how to secure a PickaForm application.
Since access to the highest level (the application) to the lowest level (the field), there is always a solution to secure all or part of a PickaForm application.