The following sections provide information you should consider as you secure your Identity Manager system:
Using SSL
Securing Directory Access
Understanding Identity Manager Communication
Managing Passwords
Creating Strong Password Policies
Securing ActiveMQ Communication
Configuring a Whitelist of Target URLs
Preventing Clickjacking Attacks in Identity Manager
Rejecting Client-initiated SSL Renegotiation on Windows
Using Tomcat connectionTimeout Attribute to Defend Against Denial-of-Service Attack
Securing Connected Systems
Designer for Identity Manager
Industry Best Practices for Security
Tracking Changes to Sensitive Information
Establishing a Security Equivalent User
Securing Communication Between ActiveMQ and Identity Applications
Securing Cloud Deployment of Identity Manager Components
Securing Identity Manager Information with is-sensitive Attribute
Configuring Stronger Ciphers for SSL Communication