Security Considerations
For any company that deals with sensitive data, keeping it secure is crucial to success. While hosting Unifier data on the Oracle Cloud provides security measures, it cannot do everything. For example, it cannot prevent phishing attempts or other attacks that exploit gaps in its users' security awareness. That is why it is important for everyone who works with Oracle Primavera Unifier, whether hosted on-premises or on the Oracle Cloud, to understand what they can do to keep data secure.
Who this information is for
This guide (the Unifier Administration Guide) and the Unifier Integration Interface Guide contain comprehensive information on administrative features, including those related to security.
This section is for anyone who uses, manages, or is just interested in the system. If you are a security expert or administrator, this is a good place to start. It should help you see the big security picture and understand the most important guidelines related to security in Unifier.
For further information on configuring your on-premises Unifier environment securely, refer to the Unifier Security Guide for On-Premises.
Some Security Basics
We use the term administrator to refer to anyone who is responsible for managing a company's data and who can access that data. For our purposes, administrators includes a wide variety of IT professionals, from those who define roles in the Primavera Unifier application to those who manage company servers.
An end user is anyone who uses Primavera Unifier to do their job. This includes project managers, subcontractors, general contractors, and everyone else who logs into Primavera Unifier from an office or jobsite to get their work done.
Administrators
- Set up Single Sign-On (SSO) and enable multi-factor authentication to minimize the number of passwords that users have to remember and to consolidate risk.
- Educate users on how they can avoid unwittingly helping hackers. One of the best ways application administrators and security advocates can help users is by helping them to prevent security breaches.
- Use a VPN to encrypt data being sent over the internet.
- Stay up-to-date about security trends and best practices.
End users
- Follow security guidelines created by their companies and the administrators of any network applications they use.
- Use strong passwords. The more random-looking the better, and avoid reusing passwords.
- Learn to recognize phishing. Phishing is when someone disguises an email or some other transmission as a legitimate message in an attempt to get a user to reveal sensitive information. For example, a hacker may send you an email disguised to look like an email from your employer requesting login information. These attacks are becoming more sophisticated, but you can still protect yourself by making sure any emails you receive or websites you visit are legitimate before using them to share sensitive information.
In This Section
Authentication: How Users Sign On
Authorization: What Users Can Access
Integration with Other Applications
Security for Developers - API Security
Establishing Security Contacts
Last Published Saturday, July 13, 2024