Table of Contents Table of Contents Title and Copyright Information Preface Documentation accessibility Related resources Access to Oracle Support Additional copyright information 1 Security overview Application security overview General security principles Require complex and secure passwords Change passwords periodically Keep passwords private and secure Require secure session practices Lock computers to protect data Provide only the necessary rights to perform an operation 2 Secure installation and configuration Installation overview Transport Layer Security (TLS) Transparent Data Encryption (TDE) Use SSL to communicate with Oracle InForm CRF Submit servers About entering passwords Configure strong database passwords Close all unused ports Disable all unused services Post-installation configuration Restrict access to Oracle InForm CRF Submit server machines Configure strong user passwords Configure roles and rights Download PDF and CSV output onto a secure machine 3 Security features User security features Passwords for new users No data loss after a session transaction Automatically inactivated user accounts Restricted access to the application To restrict access to the Oracle InForm CRF Submit Admin tool Application security features Users assigned to user types Rights assigned to rights groups Users assigned to sites Data security features Restricted viewing of Protected Health Information Audit trails for data security