Security

Security guidelines for on-premises deployments

At Infotopics Apps for Tableau, we prioritize the security and integrity of our products. As an ISO 27001 certified organization, we adhere to the highest standards to ensure our products are built with security in mind. However, the effectiveness of our security measures ultimately depends on how our products are implemented within your environment. To assist you in maintaining a secure setup, we've outlined ten essential recommendations. By following these guidelines, you can optimize the safety and security of your on-premises deployment, protecting your data and infrastructure from potential threats.

10 Security recommendations for on-premises deployments

  1. Restrict Access to Internal Networks or VPN Only
     Ensure the server is accessible solely through a secure VPN or internal network to prevent unauthorized external access.

  2. Apply Zero Trust Principles
     Only grant access to users who truly need it. Review access rights regularly to maintain a secure environment.

  3. Sandbox and Isolate the Server
     Allow connections only to required systems (like databases) and block all unnecessary network communication.

  4. Use Internal DNS Records Only
     Configure DNS records for internal use and avoid public exposure of internal services.

  5. Keep Systems and Applications Up to Date
     Regularly update both the operating system and our web applications to ensure the latest security patches are in place.

  6. Perform Regular Security Tests
     Schedule internal security checks to identify and mitigate potential vulnerabilities before they can be exploited.

  7. Establish Backup and Disaster Recovery Procedures
     Maintain secure, encrypted backups and ensure recovery procedures are tested and documented.

  8. Monitor and Log System Activity
     Enable centralized logging to track access, configuration changes, and anomalies for better visibility and accountability.

  9. Restrict Outbound Internet Access
     Prevent the server from initiating external connections unless explicitly required for operation or updates.

  10. Limit Administrative Access
      Use dedicated admin accounts for maintenance, disable unused accounts, and enforce strong authentication methods.
