Most cybersecurity breaches result from an employee or contractor inside an organization doing something they were not supposed to do, failing to do something they were supposed to do, or both. Listed below are some best practices, from a customer management and risk mitigation perspective, to ensure cybersecurity risks are identified and mitigated.

Remote Web Client

  • Users must keep the web browsers and operating system continuously updated on their client devices (PC, tablet, mobile) to mitigate security vulnerabilities.
  • Users must keep continuously updated virus and malware protection software installed on their client devices (PC, tablet, mobile).
  • Replace client devices if they have reached the end of their life cycle or maintenance cycle.

Cloud Application

  • No more than two administrator accounts are recommended for one Desigo Fire Cloud Apps subscription. Their tasks should be limited to managing users and subscriptions.
  • Administrators must never share their login credentials.
  • When inviting users to Desigo Fire Cloud Apps, apply the principle of least privilege: invite individuals with roles reflecting the minimum privilege required to complete their tasks within the organization.
  • Remove or update user accounts as soon as a user is no longer associated with a company or their role.
  • Refer to the User Guide for roles and authorization.
  • Always log out of your session once you have finished using the application.

On-premises IT/OT network and Connect gateway

  • Ensure the Connect gateway installation follows the Desigo Fire Cloud Apps installation guide and the fire system cybersecurity guideline.
  • Administrator credentials for the Connect gateway must not be shared.
  • Ensure correct configuration on the Connect gateway to access web applications.

Security is a shared responsibility

  • As with any solution that encompasses cloud applications and IoT/on-premises connected devices, customers play a key role in keeping their systems secure.
  • Keeping your systems up to date and your employees educated is key to mitigating cyber risks.
  • Ensure the Connect gateway is installed in a physically secure area where access is restricted, that is, where access, power and network cables cannot be tampered with.