Best practices and references to secure Adobe Connect installation related to SSL, services, password policies, audits, SQL server security, and so on.
The following checklist describes best practices to you secure your Adobe Connect system:
Use SSL to protect network traffic
You can secure the connection to the meeting server, the application server, or both.
Run only the services you need
Do not run applications such as a domain controller, a web server, or an FTP server on the same computer as Adobe Connect. To minimize the chances that another application can be used to compromise the server, reduce the number of applications and services running on the computer that hosts Adobe Connect.
Update operating system security
Check regularly for critical updates that close security holes and apply the required patches. A firewall eliminates some of these security problems. In general, keep your servers patched with all current security updates approved by Microsoft and the other relevant platform vendors.
Secure host systems
If you store sensitive information on your servers, be aware of the physical security of your systems. Adobe Connect relies on the safety of the host system against intruders, so keep servers secure when private and confidential data is at risk. Adobe Connect is designed to take advantage of native environmental features such as file system encryption.
Use strong passwords
Strong passwords protect data. Adobe Connect administrators can set login and password policies in the Adobe Connect Central. Adobe Connect installations uses Microsoft SQL Server, which also requires strong password protection.
Use LDAP for authentication
It is a best practice to use LDAP for Adobe Connect authentication.
Perform regular security audits
Audit your systems periodically to ensure that all security features are still operating as expected. For example, you can use a port scanner to test a firewall.
The following resources help you secure your servers:
The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization including system administrators, security professionals, and network administrators. It provides network security courses, and certification in network security.
SQL Server security
The Microsoft SQL security resources page on the Microsoft website provides information on securing SQL Server.
Nmap is a powerful port-scanning program that tells you what ports a system is listening on. It is available at no cost under the GNU Public License (GPL).
The effectiveness of any security measure depends on various factors, such as security measures provided by the server and the installed security software. Adobe Connect software is not intended to provide security for your server or the information on it. For more information, see the disclaimer of warranty in the applicable license agreement provided with Adobe Connect.