15.5
Table Of Contents
- Dragon_NMCInstallGuideCover_20160929_v4
- About this guide
- Chapter 1: Introduction
- Chapter 2: Preparing for your installation
- Chapter 3: Installing the servers
- Chapter 4: Post-installation tasks
- Chapter 5: Upgrading Nuance Management Center
- Chapter 6: Preparing for your Active Directory single sign-on configuration
- Chapter 7: Installing the Local Authenticator
- Chapter 8: Preparing for your Central Authentication single sign-on configuration
- Appendix A: Database backups and data retention
Nuance Management Center Server Installation and Configuration Guide
Security considerations
When your organization implements Nuance Management Center, it is critical to install the software and its
system components using secure installation methods to protect the integrity and confidentiality of your data.
It is equally important to manage and monitor your system once installed to ensure that your data is protected
from unauthorized access and misuse.
The following sections provide secure installation and configuration guidelines, and describe the security
features provided in Nuance Management Center to help you manage and monitor your system.
General security principles
l
Require strong, complex user account passwords.
Create a password policy to establish password requirements. For example, require a minimum
password length and one aspect of complexity, such as non-alphabetical characters.
l
Keep passwords secure.
When you initially create user accounts in Nuance Management Center, send users their username
and initial password in separate email messages. Instruct your users not to share or write down
passwords, or store passwords in files on their computers. In addition, require users to change their
default passwords upon first use, and on a regular basis.
For more information, see the Users must change their password after first login Organization
option and the Maximum password age - password will expire in n days Organization option in
the NMC Help.
l
Keep software up-to-date.
Keep all software versions current by installing the latest patches for all components, such as SQL
Server and Microsoft® Windows Server, including all critical security updates.
l
Implement the principle of Least Privilege.
In implementing the principle of Least Privilege, you grant users the least amount of permissions
needed to perform their jobs. You should also review user permissions regularly to determine their
relevance to users’ current job responsibilities.
l
Monitor system activity.
Review user audit records regularly to determine which user activities constitute normal use, and
which may indicate unauthorized use or misuse.
l
Promote policy awareness.
Ensure your employees are aware of Acceptable Use policies, best practices, and standard
operating procedures that are relevant to Nuance Management Center.
Installing and configuring Nuance Management Center securely
The Nuance Management Center installation instructions include procedures that install the application and
system components into a secure state by default. In addition to performing the standard installation
procedures, you can do the following to secure Nuance Management Center.
l
Establish best practices for downloading report data.
15