Go to main content
1/96
Contents
Title and Copyright Information
Preface
1
Simphony Security Overview
Basic Security Considerations
Service-Oriented Architecture (SOA)
Authentication
Enterprise Management Console Authentication
Simphony Client Authentication
Point of Sale User Authentication
Running a Workstation Securely with Windows Standard Users
Database User Management
Oracle MICROS Hardware Support Account
Simphony Transaction Services Gen 2 Authentication
Understanding the Simphony Environment
Recommended Deployment Configurations
Operating System Security
Database Security
Oracle Database
Database Engine Not Present on Workstations (Windows-based Workstations only)
Database Engine Exists on Workstations (Windows-based Workstations only)
Database on Linux for MICROS Workstations
2
Performing a Secure Simphony Installation
Pre-Installation Configuration
Simphony Installation
Multi-Factor Authentication
Simphony MFA Configuration Prerequisite Requirement
Simphony MFA Configuration During the Installation of Simphony
Accessing the Simphony EMC Using MFA for the First Time
Assigning MFA EMC Access Privileges
Enrolling Users MFA Email Addresses and Passwords
Setting the Max Allowed Failed Logins for EMC Access
Configuring the SMTP and Backup SMTP Servers in the EMC
Configuring Workstation Database Passwords in the EMC
Post-Installation Configuration
Operating System
Application
Database Platform
Passwords Overview
Changing Default Passwords
Forgotten Password Recovery
Resetting Passwords from the Simphony Web Portal
User Profile Page
Configuring Security Questions
Configuring User Accounts and Privileges
Encryption Keys
Integrity Keys
Changing Database Passwords
Data Purging
3
Implementing Simphony Security
Authorization Privileges
Roles
EMC Configuration
Employee IDs
Employee Levels
Employee Levels and Roles
Employee Level Configuration Best Practices
Employee Groups
Configuration of Employee Groups
Job Code Overrides
Configuring Job Code Overrides
Workstation Security
Assigning Privileges to Allow Installing and Authenticating Workstation Clients
Hardening Security for Workstation USB Ports
Audit Trail
Audit Trail Search Parameters
Audit Trail Search Results
Other Audit Trail Considerations
Audit Trail Purging
Encryption
4
Appendix A: Simphony Port Numbers
Port Numbers
Enterprise Ports
Property Ports
Traffic Note
Interface Ports
iCare/Loyalty Ports
Oracle Component Ports
5
Appendix B: Module Accessibility
6
Appendix C: Key Manager Manual
General Information
About the Simphony Encryption Key Manager Module
D-Secure Key Practices
Key Manager Security Enhancements
The Encryption Scheme
Operational Considerations
Periodic Key Rotation
7
Appendix D: Key Manager Module
Operating Conditions
Authorizations
Key Manager Module
Changing the Pass Phrase
8
Appendix E: Simphony Payment Interface
Configuration Requirements for PSP using Transport Layer Security (TLS) in EMC
No TLS Support
TLS Server Certificate Support
Scripting on this page enhances content navigation, but does not change the content in any way.