MACROMEDIA BREEZE-SECURITY, Manual

Page: 10 / 12

10 Security and Macromedia Breeze
Best Practices
Below is a checklist of best practices that will assist you in securing Breeze.
•
Firewall Your Servers It is highly recommended to place Macromedia Breeze behind a
firewall, especially if you are intending for Breeze to be used on the Internet. By not placing
Breeze behind a firewall, you are leaving your server open for attacks. Even worse, your
sensitive information is unsecured and open for theft. All servers should sit behind a firewall,
which includes Breeze Application servers, Breeze Live servers and the database server.
•
Run the Bare Minimum of Services
You should only run the bare minimum services you
need for Breeze. This means that you should not run applications like a domain controller, a
web server or an FTP server on the same computer as Breeze. By reducing the number of
applications and services running on the computer hosting Breeze, you can minimize the
chances that an exploit in another application can be used to compromise your Breeze server.
•
Perform OS Security Updates On Windows and other platforms, customers need to check
for platform security holes and apply required patches. Some of these issues are eliminated by a
good firewall. In general we recommend customers keep their Breeze systems patched with all
security updates approved by Microsoft or other appropriate platform vendor.
•
Perform Database Security Updates Since your database may be another targeted
component of the Breeze solution, you need to check for database server security holes and
apply required patches. Like the operating system, some of these issues are eliminated by a
good firewall, but you should also keep up to date with the latest patches.
•
Physical Security
Customers who store sensitive information on their servers should be
aware of the physical security of their systems. Breeze relies on the safety of the host system
against intruders, so servers should be kept secured where private and confidential data is at
risk. Breeze is designed to take advantage of native environmental features like file system
encryption where available if configured by the user.
•
Use Strong Passwords
Breeze users are protected by passwords. We recommend that users,
and particularly administrators, choose strong passwords to keep their data safe. Breeze
enterprise installations often utilize external databases which may also require strong
password protection.
•
Perform Security Audits We recommend users audit their systems periodically to ensure
that all security features installed by the user are still operating as expected. For example,
firewalls are easily tested using a port scanner for validation. Ongoing security checks help
guard against user error that can lead to misconfiguration over time.