Safety Recommendations

for greater safety of your operating environment, we recommend the use of external authenticators, for example, ldap or oauth2 servers if your business does not have it, there are several oauth2 standard security servers in cloud providers that can easily be integrated into the platform avoid using local platform users the security team detected in different versions of the platform, functionality non compliance with international safety standards therefore, we recommend not using it it will be discontinued in the next versions, and as described in item 1, there are fast, accessible, and safer alternatives to replace this feature aligned to item 2, we recommend that after initial settings, all local users be removed from the platform if there are any questions in this process, please activate the support channels we recommend the use of captcha for facilities where there is access or visibility by the large external public, for example, citizens this functionality can be activated through platform settings set up an alert email for when you exceed the maximum number of failed authentication attempts on the platform this functionality can be activated through platform settings for on premises operating environments, i e , hosted in customer responsibility facilities, we recommend using intrusion detection solutions these solutions contribute to the safety of the operational environment as a whole they are external to the platform, need to be acquired, implemented, and maintained by the customer still, for on premises operating environments, we recommend that all infrastructure components that support the platform, including the database server and the application server, have regular password change routines also for on premises operating environments, we recommend that the application server where the platform is installed does not have direct visibility on the internet, that is, we recommend the use of intermediate software (balancers, reverse proxy, or others) as a gateway to the platform, in addition to hiding internal details it is also important to properly use firewall structures it is important to maintain and fully control all levels of user access check the roles of all employees in the organization to define appropriate access to a specific component or functionality ensure authorized user access to items strictly necessary for the performance of their tasks such recommendations apply to on premises installations, where there are several profiles with access to infrastructure information, as well as access and functions within the platform the manufacturer is not responsible for improper use of access management on the platform, as well as in the component structure we request that any identified security fragility situation be immediately referred to our support team or one of our authorized partners under no circumstances, make any kind of statement before proper analysis by the manufacturer’s security team, as such situations may be part of the existing recommendations package or be a situation related to double or additional protections citsmart citsmart is a global trademark, with patents registered and approved in the us, europe, america, africa, and asia, and therefore unauthorized citations may be construed as a violation of rights