# Security At Infotopics Apps for Tableau, we prioritize the security and integrity of our products. As an ISO 27001 certified organization, we adhere to the highest standards to ensure our products are built with security in mind. However, the effectiveness of our security measures ultimately depends on how our products are implemented within your environment. To assist you in maintaining a secure setup, we've outlined ten essential recommendations. By following these guidelines, you can optimize the safety and security of your on-premises deployment, protecting your data and infrastructure from potential threats. #### 1**0 Security recommendations for on-premises deployments** 1. **Restrict Access to Internal Networks or VPN Only**\ Ensure the server is accessible solely through a secure VPN or internal network to prevent unauthorized external access. 2. **Apply Zero Trust Principles**\ Only grant access to users who truly need it. Review access rights regularly to maintain a secure environment. 3. **Sandbox and Isolate the Server**\ Allow connections only to required systems (like databases) and block all unnecessary network communication. 4. **Use Internal DNS Records Only**\ Configure DNS records for internal use and avoid public exposure of internal services. 5. **Keep Systems and Applications Up to Date**\ Regularly update both the operating system and our web applications to ensure the latest security patches are in place. 6. **Perform Regular Security Tests**\ Schedule internal security checks to identify and mitigate potential vulnerabilities before they can be exploited. 7. **Establish Backup and Disaster Recovery Procedures**\ Maintain secure, encrypted backups and ensure recovery procedures are tested and documented. 8. **Monitor and Log System Activity**\ Enable centralized logging to track access, configuration changes, and anomalies for better visibility and accountability. 9. **Restrict Outbound Internet Access**\ Prevent the server from initiating external connections unless explicitly required for operation or updates. 10. **Limit Administrative Access**\ Use dedicated admin accounts for maintenance, disable unused accounts, and enforce strong authentication methods. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.infotopics.com/extensionsmanager/installation-guide/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.