Security: Best practices

This article describes the best practices concerning security when installing and using Blueriq. 

Blueriq Studio installation

When running the installer to install Blueriq Studio (Installing Blueriq), 3 users are created:

• admin
• runtime
• administationpage
  
  

After the typical / custom installation the users are stored locally. Although the credentials are encrypted within Studio, it is advisable to authenticate against an Active Directory instead. This way managing users is done outside Blueriq and you have more control over password and lockout policies. Also the passwords are stored in the Active Directory and not within Studio.

To install or change Blueriq Studio security and user management, please read this article: Studio Configuration

Since Blueriq 9.7 we've added Kerberos support which is the prefered protocol by Microsoft over NTLM: Kerberos support

Securing the administation page

During installation of Studio, an administration console is also installed. Via this console it is possible to download or upload a Studio repository. The Studio repository contains the models and business logic so it is advisable to secure this console. This is done by following the steps in this article: Studio Configuration

Blueriq Runtime installation

Installing the Blueriq Runtime is done by following the steps in one of the articles below:

• Installing .NET Runtime
• Installing Java Runtime

Please read these articles to know more about the inner workings of the Blueriq Runtime (Blueriq Runtime, Developing with Blueriq Studio and Runtime). With the release of Blueriq 10 in Q1 2017, configuring the Blueriq Runtime will change quite a bit so please make sure to read R10 Configuration changes [editor] before migrating to R10.