Weincloud Security Best Practices
Security is a core element of the Weincloud platform. Whether managing Admin accounts or assigning user permissions, following proper security practices helps protect your data and resources while ensuring system stability.
This guide provides Weincloud security best practices to help you safeguard accounts and operations.
1. Assign Admin Email to Senior Management
Why this matters:
Reduce personnel change risks: Assign the Admin account email to a senior manager to avoid issues caused by employee turnover or role changes.
Ensure accountability: Senior managers are better positioned to manage security responsibly.
Recommendations:
Use a corporate email address (e.g., admin@companyname.com) instead of a personal one when registering the Admin account.
Periodically review the Admin email to ensure it remains under senior management's control.
2. Enable Multi-Factor Authentication (MFA)
Why this matters:
Enhance security: MFA adds an extra layer of protection beyond passwords, preventing unauthorized access even if a password is compromised.
Prevent account misuse: Greatly reduces the risk of Admin account breaches.
How to enable MFA:
See Multi-Factor Authentication (MFA) for setup instructions.
3. Assign Only Necessary Permissions
Why this matters:
Limit admin usage: Reserve Admin access for senior staff only. Grant limited permissions to others as needed.
Minimize risk: Give users only the access needed for their roles to reduce the chance of misuse or error.
How to assign permissions:
See User Management for details on assigning roles and permissions.
4. Open Only Required Ports on HMI
Why this matters:
Limit external access:
Restricting open ports limits external access and improves security.Follow the principle of least privilege: Enable only necessary services to minimize vulnerabilities.
Recommendations:
Check server lists: Ensure HMI can connect to Weincloud services by opening only the required ports listed here: Dashboard Server ListEasyAccess 2.0 Server List
Review regularly: Periodically inspect HMI network settings to close unused ports.
5. Regularly Review and Update Security Settings
Why this matters:
Align user permissions with roles: Review account roles regularly to ensure they reflect users’ current responsibilities.
Protect against password leaks: Regularly update passwords—ideally every 90 days—to prevent unauthorized access.
Recommendations:
Perform a quarterly security audit of all user roles, especially Admin accounts.
Follow strong password policies and avoid reusing old passwords.
6. Provide Security Training and Awareness
Why this matters:
- Raise awareness: Train employees using Weincloud to recognize threats such as phishing and understand basic security practices.
Recommendations:
Conduct regular security training sessions covering current threats and protection methods.
Provide internal guidelines to help users operate the platform securely and follow policies.