This topic describes some best practices for ArcGIS Desktop application deployments. As an important note, ArcGIS Desktop products are self-certified according to the United States Government Configuration Baseline (USGCB, formerly FDCC). ArcGIS Pro (1.4.1 and higher) is also USGCB self-certified. For more information, see Compliance.
Consider deploying and configuring the following on the desktop client to aid in the mitigation of potential risk:
- Host-based anti-virus (A/V)
- Host-based firewall
- Host-based intrusion detection systems (IDS)
Authentication is the process of verifying the credentials presented in a connection attempt to confirm the identity of the client. Consider a single sign-on (SSO) or federated authentication solution.
Authorization is the process by which client permissions are verified prior to accessing a resource. This occurs after successful authentication. It is important to implement the principle of least privilege and role-based access control. Since ArcGIS Desktop application architecture traditionally involves interaction between the client desktop and a centralized source such as a Relational Database Management System (RDBMS), it is important to consider how privileges are granted at each database level. User privileges can be set at different levels such as the following:
- Database management system (DBMS)
  - Privileges at this level affect the entire database management system. Generally, this is applied only to database administrators who may need to access and manage all objects in the system.
- Geodatabase
  - Privileges at this level determine what a user or group of users can do in the geodatabase.
- Geodatabase version
  - Privileges can be set to control access to a geodatabase version. This is a special type of privilege that is not set through the DBMS. For more information, see Creating versions and setting permissions.
- Dataset
  - Dataset privileges determine what a user can do with a particular dataset, such as Select, Update, Insert, or Delete. See Granting and revoking privileges on datasets for more information.
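The dataset-level privileges above are where least privilege is most often lost in practice: a viewer role quietly accumulates Update or Delete, or a grant is made to PUBLIC. The following script is an added example (not Esri documentation or ArcGIS code) that audits a dump of current table grants against a role policy and drafts the matching REVOKE statements. The role names, schema and table names are constructed; the row layout assumes the four columns returned by `information_schema.role_table_grants` on PostgreSQL, which is an assumption about the RDBMS in use.

```python
"""Audit RDBMS table grants against a least-privilege role policy.

Added example, not part of the Esri page or any ArcGIS product. Rows follow
the shape of (assumption: PostgreSQL)
    SELECT grantee, table_schema, table_name, privilege_type
    FROM information_schema.role_table_grants;
Role, schema and table names below are constructed for illustration.
"""

# Policy: the dataset privileges each role is permitted to hold.
# Role names are hypothetical; the privileges are the four the page lists.
ROLE_POLICY = {
    "gis_viewer": {"SELECT"},
    "gis_editor": {"SELECT", "INSERT", "UPDATE", "DELETE"},
    "sde": {"SELECT", "INSERT", "UPDATE", "DELETE"},  # geodatabase administrator
}

# Constructed sample of current grants: (grantee, schema, table, privilege)
SAMPLE_GRANTS = [
    ("gis_viewer", "gis", "parcels", "SELECT"),
    ("gis_viewer", "gis", "parcels", "DELETE"),   # excess: a viewer can delete rows
    ("gis_editor", "gis", "parcels", "SELECT"),
    ("gis_editor", "gis", "parcels", "UPDATE"),
    ("PUBLIC", "gis", "parcels", "SELECT"),       # granted to every database login
    ("contractor1", "gis", "roads", "UPDATE"),    # grantee with no defined role
]


def audit_grants(grants, policy):
    """Return findings for grants that exceed the policy.

    Each finding is (grantee, schema, table, privilege, reason).
    """
    findings = []
    for grantee, schema, table, priv in grants:
        if grantee.upper() == "PUBLIC":
            findings.append((grantee, schema, table, priv, "granted to PUBLIC"))
        elif grantee not in policy:
            findings.append((grantee, schema, table, priv, "grantee has no role policy"))
        elif priv not in policy[grantee]:
            findings.append((grantee, schema, table, priv, "exceeds role policy"))
    return findings


def revoke_statements(findings):
    """Draft REVOKE statements for the findings, for DBA review before execution.

    Identifiers are double-quoted; PUBLIC is a keyword and must not be quoted.
    """
    stmts = []
    for grantee, schema, table, priv, _reason in findings:
        who = "PUBLIC" if grantee.upper() == "PUBLIC" else f'"{grantee}"'
        stmts.append(f'REVOKE {priv} ON "{schema}"."{table}" FROM {who};')
    return stmts


if __name__ == "__main__":
    found = audit_grants(SAMPLE_GRANTS, ROLE_POLICY)
    for f in found:
        print(f)
    for s in revoke_statements(found):
        print(s)
```

Run the audit on a scheduled basis and diff the findings against the previous run; new findings are a change-control signal, not just a cleanup item.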
Encryption is the process of transforming data so that it is unreadable by those without a decryption key.
- Encrypt data-in-transit using HTTPS (TLS 1.0 and later) for all communication inbound and outbound from the desktop client.
  - Use existing certificate infrastructure and trusted certificates signed by a trusted third-party certificate authority.
- Encrypt data-at-rest (as feasible).
  - For workstations, consider using full disk encryption.
  - For databases, consider using Transparent Data Encryption (TDE).
  - For file repositories, consider using full disk encryption.
- Ensure the use of strong encryption algorithms.
  - Cryptography is a constantly changing field, and older algorithms will continue to be found unsafe.
  - Monitor standards bodies such as NIST for recommendations.
Logging and auditing
Logging involves recording events of interest from a system. Auditing is the practice of inspecting those logs to ensure the system is functioning desirably or to answer a specific question about a particular transaction that occurred.
- Log events such as successful logins, failed logins, and other events as directed by organizational policy.
- Consider logging at application, operating system, and network levels.
- Consider using an enterprise Security Information and Event Management (SIEM) solution to perform analysis and correlation of the events. This will aid in identifying potential malicious activity.
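The correlation a SIEM performs on the login events listed above can be illustrated with a small rule. The script below is an added example (not from the Esri page or ArcGIS) that parses constructed authentication log lines, groups them per user, and flags a burst of failed logins within a time window, noting whether a successful login followed the burst. The key=value line format is constructed for the example; real sources (Windows Security log, RDBMS audit log, web server access log) would need their own parsers producing the same event tuples.

```python
"""Flag failed-login bursts, and a success that follows one, from auth logs.

Added example, not part of the Esri page or any ArcGIS product. The log
format is a constructed key=value layout; adapt parse_events() to real sources.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (timestamps, hosts, users and addresses are made up).
SAMPLE_LOG = """\
2024-03-05T09:12:01Z host=ws-17 user=jdoe event=login_failed src=10.0.4.22
2024-03-05T09:12:09Z host=ws-17 user=jdoe event=login_failed src=10.0.4.22
2024-03-05T09:12:15Z host=ws-17 user=jdoe event=login_failed src=10.0.4.22
2024-03-05T09:12:20Z host=ws-17 user=jdoe event=login_failed src=10.0.4.22
2024-03-05T09:12:27Z host=ws-17 user=jdoe event=login_failed src=10.0.4.22
2024-03-05T09:12:40Z host=ws-17 user=jdoe event=login_success src=10.0.4.22
2024-03-05T09:30:00Z host=ws-03 user=asmith event=login_failed src=10.0.4.31
2024-03-05T09:45:00Z host=ws-03 user=asmith event=login_success src=10.0.4.31
malformed line that the parser should skip
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) host=(?P<host>\S+) user=(?P<user>\S+) "
    r"event=(?P<event>\S+) src=(?P<src>\S+)$"
)


def parse_events(text):
    """Return (timestamp, host, user, event, src) tuples; unparseable lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["host"], m["user"], m["event"], m["src"]))
    return events


def detect_login_bursts(events, threshold=5, window=timedelta(minutes=5)):
    """Flag users with >= threshold failed logins inside `window`.

    Each finding records the burst and whether a login_success for the same
    user occurred within `window` after the last failure of the burst.
    """
    by_user = defaultdict(list)
    for ev in sorted(events):          # sort by timestamp (first tuple field)
        by_user[ev[2]].append(ev)

    findings = []
    for user, evs in by_user.items():
        failures = [e for e in evs if e[3] == "login_failed"]
        for i in range(len(failures)):
            # Sliding window anchored at failure i: count failures within `window`.
            j = i
            while j < len(failures) and failures[j][0] - failures[i][0] <= window:
                j += 1
            if j - i >= threshold:
                last_fail = failures[j - 1][0]
                success_after = any(
                    e[3] == "login_success" and last_fail <= e[0] <= last_fail + window
                    for e in evs
                )
                findings.append({
                    "user": user,
                    "failures": j - i,
                    "first": failures[i][0],
                    "last": last_fail,
                    "success_after": success_after,
                })
                break  # one finding per user per run is enough to raise an alert
    return findings


if __name__ == "__main__":
    for finding in detect_login_bursts(parse_events(SAMPLE_LOG)):
        print(finding)
```

A burst followed by a success is the case worth prioritising in triage: it distinguishes a user mistyping a password from a guessing sequence that may have ended in a valid login.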
Hardening is the process of securely configuring systems to mitigate as many security risks as possible. The attack surface can be minimized on a given system by:
- Implementing application-level hardening such as the guidance mentioned above.
- Removing unnecessary software.
- Disabling unnecessary services.
- Using a security hardened image. ArcGIS Desktop and ArcGIS Pro products are self-certified according to the United States Government Configuration Baseline (USGCB, formerly FDCC).