During the installation and configuration process for PPM, several options are available that impact security. Depending on your organization's security requirements/policy, you might need to create a highly secure environment. Use the following guidelines to plan your security strategy for PPM:
- Review all security documentation for applications and hardware components that interact or integrate with PPM. Oracle recommends that you harden your environment, but be aware of the following:

  PPM is based on the Microsoft .NET Framework and needs to install assemblies in the Global Assembly Cache, so the PPM installation uses the Microsoft Windows Installer. This means the environment should not be hardened before PPM is installed, because doing so would cause the PPM installation to fail. For more information, refer to Primavera Portfolio Management Enabling Single Sign-On in the Oracle Primavera Portfolio Management System Administration Guide.

  The environment can be hardened after the installation. However, the hardening needs to be undone whenever a patch, upgrade, or new version is installed. This is usually achieved by running “undo” scripts that reverse the hardening. After the patch, upgrade, or new version is installed, the hardening needs to be applied again.

  The specific steps for hardening and for undoing the hardening depend on the exact operating system version used to host PPM, on the needs of other applications hosted on the same server, and on a number of other factors. It is therefore not possible to simply provide steps, and Microsoft no longer provides a simple guide but instead provides numerous tools to achieve hardening.
- Read through the summary of considerations for PPM included in this document. Areas covered include: secure deployment, authentication options, authorization, confidentiality, sensitive data, and reliability.
Note: As with any software product, be aware that security changes made for third-party applications might affect the PPM application.