Introduction
For any company that deals with sensitive data, keeping it secure is crucial to success. While hosting Oracle Preconstruction data on the Oracle Cloud provides security measures, it can't do everything. For example, it can't prevent phishing attempts or other attacks that exploit gaps in its users' security awareness. That's why it's important for everyone who works with Preconstruction to understand what they can do to keep data secure.
Who this guide is for
Security is everyone's business. This guide is for anyone who uses, manages, or is just interested in Preconstruction. If you're a security expert or administrator, this is a good place to start. It should help you see the big security picture and understand the most important guidelines related to security in Preconstruction.
For comprehensive information on administrative features, including those related to security, refer to:
- Managing Personal Information in Preconstruction: Australia/New Zealand | US/Canada
- Setup Overview: Australia/New Zealand | US/Canada
- Settings (General Contractors): Australia/New Zealand | US/Canada
Some Security Basics
We'll use the term administrator to refer to anyone who's responsible for managing a company's data and who can access that data. For our purposes, administrators include a wide variety of IT professionals, from those who define roles in the Preconstruction application to those who manage company servers.
An end user is anyone who uses Preconstruction to do their job. This includes general contractors, subcontractors, and everyone else who logs into Preconstruction from an office or jobsite to get their work done.
Administrators should...
- Set up Single Sign-On (SSO) and enable multi-factor authentication to minimize the number of passwords that users have to remember and to consolidate risk.
- Educate users on how they can avoid unwittingly helping hackers. One of the best ways application administrators and security advocates can help users is by helping them to prevent security breaches.
- Use a VPN to encrypt data being sent over the internet.
- Stay up-to-date about security trends and best practices.
End users should...
- Follow security guidelines created by their companies and the administrators of any network applications they use.
- Use strong passwords. The more random-looking the better, and avoid reusing passwords.
- Learn to recognize phishing. Phishing is when someone disguises an email or some other transmission as a legitimate message in an attempt to get a user to reveal sensitive information. For example, a hacker may send you an email disguised to look like an email from your employer requesting login information. These attacks are becoming more sophisticated, but you can still protect yourself by making sure any emails you receive or websites you visit are legitimate before using them to share sensitive information.
Last Published Friday, June 23, 2023