Search only in titles

---

Security Considerations

For any company that deals with sensitive data, keeping it secure is crucial to success. While hosting Unifier data on the Oracle Cloud provides security measures, it cannot do everything. For example, it cannot prevent phishing attempts or other attacks that exploit gaps in its users' security awareness. That is why it is important for everyone who works with Oracle Primavera Unifier, whether hosted on-premises or on the Oracle Cloud, to understand what they can do to keep data secure.

Who this information is for

This guide and the Unifier Integration Interface Guide contain comprehensive information on administrative features, including those related to security.

This section is for anyone who uses, manages, or is just interested in the system. If you are a security expert or administrator, this is a good place to start. It should help you see the big security picture and understand the most important guidelines related to security in Unifier.

For further information on configuring your on-premises Unifier environment securely, refer to the Unifier Security Guide for On-Premises.

Some Security Basics

We use the term administrator to refer to anyone who is responsible for managing a company's data and who can access that data. For our purposes, administrators includes a wide variety of IT professionals, from those who define roles in the Primavera Unifier application to those who manage company servers.

An end user is anyone who uses Primavera Unifier to do their job. This includes project managers, subcontractors, general contractors, and everyone else who logs into Primavera Unifier from an office or jobsite to get their work done.

Administrators

• Set up Single Sign-On (SSO) and enable multi-factor authentication to minimize the number of passwords that users have to remember and to consolidate risk.
• Educate users on how they can avoid unwittingly helping hackers. One of the best ways application administrators and security advocates can help users is by helping them to prevent security breaches.
• Use a VPN to encrypt data being sent over the internet.
• Stay up-to-date about security trends and best practices.

End users

• Follow security guidelines created by their companies and the administrators of any network applications they use.
• Use strong passwords. The more random-looking the better, and avoid reusing passwords.
• Learn to recognize phishing. Phishing is when someone disguises an email or some other transmission as a legitimate message in an attempt to get a user to reveal sensitive information. For example, a hacker may send you an email disguised to look like an email from your employer requesting login information. These attacks are becoming more sophisticated, but you can still protect yourself by making sure any emails you receive or websites you visit are legitimate before using them to share sensitive information.

In This Section

Authentication: How Users Sign On

Authorization: What Users Can Access

Endpoint Security

Confidentiality

Integration with Other Applications

Security for Developers - API Security

Establishing Security Contacts

---

Last Published Tuesday, December 12, 2023