KB: Web Interface Security: Difference between revisions
(Created page with '==Introduction== When using the open Internet in order to process and receive customer related transactions between your workstation and the CommitCRM database, the need to upgra…') |
|||
Line 7: | Line 7: | ||
==Is SSL Enough?== | ==Is SSL Enough?== | ||
In order to enhance security we usually suggest users to work over SSL - the Commit Web Interface fully supports SSL Encryption which help protect from 3rd party eavesdropping on your communication. Furthermore, we suggest that when issuing passwords, you should issue complex passwords that would be difficult to read from a keyboard while someone is typing it. | In order to enhance security we usually suggest users to work over SSL - the Commit Web Interface fully supports SSL Encryption which help protect from 3rd party eavesdropping on your communication. Furthermore, we suggest that when issuing passwords, you should issue complex passwords that would be difficult to read from a keyboard while someone is typing it. | ||
For more information see [[KB:_Creating_a_new_SSL_Certificate_for_the_Web_Interface| | For more information see [[KB:_Creating_a_new_SSL_Certificate_for_the_Web_Interface|Creating a new SSL Certificate for the Web Interface]]. | ||
<br> | <br> | ||
==Additional Methods== | ==Additional Methods== | ||
Limiting unneeded privileges is also a sound suggestion that could prevent long term damage to the system, in the event that employee credentials fall into unauthorized hands, so if somebody gains malicious access to the system, that person would have limited access, at best. It's also recommended to make sure your employees change their Web password often, and if a worker stops working in your company, make sure to disable their Web Users. | Limiting unneeded privileges is also a sound suggestion that could prevent long term damage to the system, in the event that employee credentials fall into unauthorized hands, so if somebody gains malicious access to the system, that person would have limited access, at best. It's also recommended to make sure your employees change their Web password often, and if a worker stops working in your company, make sure to disable their Web Users. |
Revision as of 20:35, 18 January 2010
Introduction
When using the open Internet in order to process and receive customer related transactions between your workstation and the CommitCRM database, the need to upgrade the communication security may arise in order to safeguard your customer information from being read by any unrelated parties. Using Secure Socket Layer Encryption (SSL), you can lock your server from communicating with anybody that does not have an encryption certificate issued by you.
Is SSL Enough?
In order to enhance security we usually suggest users to work over SSL - the Commit Web Interface fully supports SSL Encryption which help protect from 3rd party eavesdropping on your communication. Furthermore, we suggest that when issuing passwords, you should issue complex passwords that would be difficult to read from a keyboard while someone is typing it. For more information see Creating a new SSL Certificate for the Web Interface.
Additional Methods
Limiting unneeded privileges is also a sound suggestion that could prevent long term damage to the system, in the event that employee credentials fall into unauthorized hands, so if somebody gains malicious access to the system, that person would have limited access, at best. It's also recommended to make sure your employees change their Web password often, and if a worker stops working in your company, make sure to disable their Web Users.