...

Users should not be assigned privileges they do not need or do not have the skills to use safely. For example, a user with the ability to delete all records in a table in one operation can do considerable unintentional damage if they are not familiar enough with Companyname's architecture. Only trusted and trained users should be placed in the Admin group, as that group can make drastic changes to the structure and data of your system.

Use SSL and HTTPS

When accessed as a SaaS service, Agiloft is available through HTTPS access only. If you install it on your own server, we strongly recommend that you also make it available over HTTPS, even if it is being used behind the firewall. This protects information transferred over the network from being accessed by a malicious individual.

Use SSL via HTTPS to secure web browser connections to the Companyname server. Using standard HTTP to connect to the Companyname server exposes passwords and potentially sensitive information to anyone able to monitor network traffic, and opens up additional methods of attack that rely on intercepting that traffic.

To connect to your web server using SSL you will need to configure it manually, as it is not configured with SSL by default. You will need to purchase or generate a server certificate that authenticates your server to the clients. This configuration differs depending on the host operating system and the web server software you use. The following resources may help:

Even if you must allow access to some accounts through standard HTTP, ensure that HTTPS is used to access more sensitive accounts such as those in the Admin group or with login access to the Admin Console.

Restrict Login Access to the Companyname Server

...