Enhance ProcessMaker Security
Follow security best practices to better secure your ProcessMaker instance.
Follow these best practices to enhance security in your ProcessMaker instance:
Require all ProcessMaker users to periodically reset their passwords.
Require all ProcessMaker users to log on to your ProcessMaker instance via Single Sign-On (SSO), OAuth, OKTA and/or two-factor authentication.
Follow these guidelines:
- 2.Instruct all ProcessMaker users to authenticate via SSO to log on to your ProcessMaker instance.
Verify that all ProcessMaker user accounts that run scripts are valid and appropriate.
Follow these guidelines to identify invalid and blacklisted IP addresses that access your ProcessMaker instance:
- 1.Ask your Customer Success Manager to provide a list of all IP addresses that access your ProcessMaker instance.
- 2.Identify the following from the list of IP addresses:
- Identify which IP addresses on this list are invalid.
- Identify which IP addresses are blacklisted.
- 3.Provide your Customer Success Manager an incident report.