Siebel Security Guide > About Security for Siebel Business Applications >

Roadmap for Configuring Security

This topic provides a general overview of tasks you can perform to take advantage of security resources for Siebel Business Applications. Use this topic as a checklist for setting up security for your Siebel environment.

NOTE:  Perform any vendor-recommended tasks for securing your server or database before you install Siebel Business Applications. Perform other security tasks after you have installed Siebel Business Applications and have verified that it is functioning correctly.

Each task includes a pointer for more information on how to perform the task. Pointers include references to later topics in this guide as well as to other documents on the Siebel Bookshelf.

1. During Siebel Business Applications installation, plan your Siebel Server and third-party HTTP load balancer TCP port usage for firewall access.

   For guidelines on implementing firewalls and port usage, see Siebel Security Hardening Guide.

2. After you install Siebel CRM, change the passwords for Siebel accounts regularly:
   • Change the password for the Siebel administrator account regularly.
   • Add a password for updating Web server images.

     For more information, see Changing and Managing Passwords.

3. Make sure communications and important data is encrypted. See Communications and Data Encryption.
4. Implement security adapter authentication or Web Single Sign-On to validate users. For more information, see Security Adapter Authentication and Web Single Sign-On Authentication.
5. Set up an access control system to control user visibility of data records and Siebel application views. For more information, see Configuring Access Control.
6. Enable audit trail functionality to monitor database updates and changes.

   For information on Siebel audit trail functionality, see Siebel Security Hardening Guide and Siebel Applications Administration Guide.

7. Make sure communications between Mobile Web Clients and your Siebel site are secure.

   Enable encryption for Mobile Web Clients. See Configuring Encryption for Mobile Web Client Synchronization.

   For other Mobile Web Client security issues, such as changing passwords on the local database, and encrypting the local database, see Siebel Remote and Replication Manager Administration Guide.