If you're a TOP Server for Wonderware user, you may or may not be aware of the built-in User Manager that allows you to define user roles and associated permissions when accessing your TOP Server configuration. As security continues to be a key focus for many process industries, keeping your process communications secure is as important as ever.
Continuing our Tech Support Corner blog series, this blog post covers how TOP Server for Wonderware now prompts users to specify an Administrator password during the installation process to ensure your TOP Server is as secure as possible.
Our TOP Server for Wonderware users are always interested in best practices, as well as, what is supported and what is not, especially when it comes to security. Starting with TOP Server Version 6.5, there were a number of security enhancements added such as project file encryption and specifying an Administrator password during install.
The specific purpose of this post is to detail the reasoning behind specifying an Administrator password during the installation of TOP Server for Wonderware and how to skip defining an Administrator password, if your use case permits.
Over the past few TOP Server release, a primary focus was providing users with the security tools and features to protect their systems from the ever-evolving world of cyber threats that are out there.
To ensure the secure operation of TOP Server, users really need to consider defining a strong Administrator password in the built-in User Manager. Once an Administrator password is defined, you can assign specific users to your engineers who will be accessing TOP Server, which helps with keeping track of which user made specific changes. It also allows you to restrict what permissions certain users have when making changes to TOP Server.
To help remind users to set a password for the Administrator user, starting with V6.5, you are now encouraged to set an Administrator password during the TOP Server installation process. This helps to enhance the security of your server even before you begin to configure it.
When the User Manager Credentials dialog pops up during the installation, you simply need to set a strong administrator password. It is recommended that the password be at least 14 characters in length and include a mix of uppercase and lowercase letters, numbers, and special characters. And you should also avoid well known, easily guessed, or common passwords.
And it is very important that, if you do set an Administrator password, you store the password securely - they are not recoverable and will require re-installing the product if lost. So make sure it's one you'll remember and that you keep it in a safe place.
You may want to consider working with your IT department to centrally store this information, considering that you might not be working for the company or available when another employee needs this information.
The TOP Server User Manager has been available for quite a while in TOP Server installations going back to V4.x - so, if you haven't already enabled the User Manager, it's entirely possible you'd prefer not to. If your TOP Server is installed on a secure machine that isn't exposed outside your control network, you may decide that an Administrator password isn't necessary for your use case.
If that's the case, it's easy enough to skip defining a TOP Server Administrator password during the installation (and you can always define a password later in the TOP Server Admin settings, if you so choose).
When the User Manager Credentials dialog appears during the installation, you can simply tick the box labelled "Skip setting a password at this time".
And, if you change your mind later, just right-click on the TOP Server Admin icon in the system tray, select Settings and go to the User Manager section. Right-click on the "Administrator" user and select "Properties" to specify a secure password.
Want to try the latest TOP Server for yourself? Download the free trial.