General Security Guidelines
When implementing Bomgar Vault, it is essential to maintain and enforce secure processes and procedures for your instance. A best practice for accomplishing this is to execute a multi-layered methodology to security, beginning with your operating system.
Check and execute Microsoft Windows updates frequently. For more information about Microsoft Windows updates, please see What is Windows Update?
Check for and Install Windows Updates
We strongly recommend that you install patches and updates on your Windows server as they become available from Microsoft. This greatly reduces the risk of exploitation of known vulnerabilities in Windows operating systems. Any other applications on your server should also be kept up-to-date with the latest security patches.
Perform Regular Backups
Your Vault data should be backed up at least once a day. Use Microsoft SQL Maintenance Plan Wizard to configure an automated backup schedule for your SQL server.
Optimize the Vault Database
A weekly Vault database optimization is recommended, using the Microsoft SQL Maintenance Plan Wizard. A full SQL instance is required to use this feature; it is not available in SQL Express.
Review the System Log
Checking the system log for errors, failures, changes, and other unusual events should be a routine practice. Be sure to review the system log every time a Vault software update is performed. A security information and event management (SIEM) system can be used to automate analysis on a near real-time basis. For additional security, Vault can be configured to send log files to another server, reducing the risk of the files being tampered with.
Note: For an overview of SIEM systems, see Introduction to SIEM Services and Products.