Contents

Security overview Application security overview General security principles Require complex and secure passwords Keep passwords private and secure Lock computers to protect data Provide only the necessary rights to perform an operation Secure installation and configuration Installation overview Configure strong database passwords Use Transport Layer Security (TLS) Install a signing certificate issued by a Certificate Authority Disable all unused services Close all unused ports Post-installation configuration Restrict access to CIS server machines Configure roles and rights Secure the predefined CIS user accounts Security features User security features Password configuration for user security Passwords for new users Login security No data loss after re-authentication Automatically locked user accounts Restricted access to the application Application security features Rights assigned to roles Users assigned to roles Data security features Audit trails for data security