Locking Down Hitachi ID Access Certifier
Hitachi ID Access Certifier is a security application, and should be locked down accordingly.
In the same way that it makes sense to harden and protect the operating
system and physical installation of a firewall, it makes sense to
minimize the number of components running on a Access Certifier server, to
lock it down, limit logical and physical access to it, and keep its
operating system and web server at current patch levels.
- Multi-layered Security Architecture:
Security is implemented as multiple layers, each of which acts to protect Access Certifier data and embedded privileges.
- Use of Encryption:
Use of Encryption to protect sensitive user data in storage and transit.
- Web Form Input Protection:
Inputs to web forms in Access Certifier are automatically protected against bogus data, buffer overruns and more.