With the rise of sophisticated scams, it is vital that you and your company know how to keep your data safe. Oracle Primavera Cloud users and administrators automatically receive powerful security measures from Oracle. But, they can’t prevent every scheme, particularly targeted user scams and phishing attacks.

 

Read below for a summary of how to keep your your data safe in Oracle Primavera Cloud based off of Oracle Primavera Cloud’s Security Guide. 

 

Signing in and Creating a Secure Password

 

The first step in data security is to have a strong authentication system in place. 

 

    • Oracle recommends that administrators set up a Single Sign-On system (SSO). A Single Sign-on system essentially allows users to utilize one set of credentials (username and password) for multiple applications. This reduces the number of passwords users need to remember and helps you mitigate risks.
    •  Administrators can also set up multi-factor login/authentication which will ask users to verify their identity with an extra step, such as a code received on their cellphones. 
    • Admins should encourage users to create strong, random passwords that they haven’t used before. 
User Access/ Authorization

 

In Oracle Primavera Cloud, administrators can manage who can access what. There are several ways they can do this:

    • Determine which users can access specific licenses.
    • Create permission sets, where they can view and set permissions for multiple users in a table. 
    • Create security groups, where they can put the permission sets they just created. Then, they can assign users to each security group. This makes it easier to assign multiple people’s permissions at the same time. 
    • Use the Workflows and Forms app to create workflows and send messages and tasks to their preferred users. 

 

Device Security

Security of user devices, like cellphones and laptops is known as Endpoint Security. Ensuring that any device users utilize for work is secure is essential for data security. There are many ways this can be done effectively, such as:

 

    • Using device management software to track which devices sensitive data ends up on.
    • Only giving security clearance that has sensitive data to trusted users. Others can receive limited clearance with less vulnerable data. 
    • Keep organized so that if a data breach occurs, you can pinpoint it and remedy the problem quickly.
    • Update permissions regularly based on position/ project changes.
    • Utilize timeout settings so vulnerable information cannot be left open on personal devices. 

 

Personal Information Security 

Personal Information (PI) includes information about users like name, address, IP address, phone number, gender, location or any other data that can be used to identify or contact an individual or entity. PI can be found in multiple places in Primavera Cloud including many of its apps, downloadable tables, reports and documents (for a full list click here). This information could be vulnerable to data leaks in multiple areas. 

 

Caution: Depending on local data protection laws, organizations may be responsible for mitigating any risk of PI leak/exposure.

 

For more information about your company’s responsibilities regarding PI click here.

 

Outside Apps and API Security 

Oracle Primavera Cloud allows you to connect with outside applications. This is a powerful and convenient function to use, but it can also create some security risks. It is important that managers track what data is flowing through each outside application in order to mitigate risk. 

 

In-House Security

It is important to have experts in your organization who specialize in data security. These professionals should be hired to answer questions users might have about their security, mitigate risks, and continuously monitor and keep the system safe. Your in-house security should be constantly learning about new threats to data that will inevitably emerge. 

 

TIPS for enhanced security

 

  • Teach your employees how to spot phishing scams

Phishing scams are when hackers and nefarious actors try to steal your data by sending you a message (email, text) asking you to click a link or share personal information. Sometimes, these scammers pose as your employer asking you to verify login information. These scams are sophisticated and sometimes hard to spot. Teach employees to always verify the authenticity of such requests with in-house security or another responsible party.

 

  • Use a VPN to encrypt data 

If you are sending sensitive information over the internet, you can use a VPN that will encrypt and protect your data.

 

  • Set up clear company security guidelines that users can refer to

Be sure that your employees/ users are made aware of security guidelines specific to your company. When you establish these guidelines, make sure they are clear and thorough. Always provide a source for employees to ask security questions.

Protect your data! Follow these important guidelines and your data will be much safer from leaks and scammers.

 

 

 

If you have any comments, questions or suggestions, please use the comment section on the bottom of this page, and don’t forget to subscribe to our blog to get interesting content directly in your inbox!

Taradigm also offers Oracle Primavera Cloud courses: Our Oracle Primavera Cloud Instructor,  Lauren Hecker, teaches onsite and virtual OPC courses. To see her next open enrollment course, please visit our OPC page. To schedule an onsite or custom course, please contact us!