In order to ensure the integrity of your company’s data in the FACT database, it is important to keep the FACT Composition Engine (FCE), with its cryptographic secrets (e.g., FACT API tokens and credentials), secure within your corporate systems.
To secure the Composition Engine we suggest that you implement the following security measures on any computer system running the FCE software:
- Limit access to the appropriate parties, roles, and systems
- Harden the host system and related development systems
- Deploy application whitelisting
- Secure all credentials in the systems
- Provide vulnerability management for the system
- Secure all file transfers and network communications
- Conduct regular system and application log auditing and alerting
We also recommend that you follow the appropriate policies and guidance aligned to industry cybersecurity best practices, such as ISO/IEC 27001 and IEC/ISA 62443.