IIS Security Guidance for Employee Portal/Web Client

As Employee Portal and HRPro Web Client is running on the Microsoft Web Server (the Internet Information Server). For the administration and management of a web server, please consult your network administrator. The following information provide some guideline for the IIS Security.

• Key guidelines for securing public web servers 🡕

• Security Guidance for IIS 🡕

• How To Set Up an HTTPS Service in IIS 🡕

• Manage Security of Your Windows IIS Web Services 🡕

• Configuring Security - The Official Microsoft IIS site 🡕

• Web Server Security Best Practices 🡕

For better security control for Employee Portal/Web Client, you could also consider the followings:

• RSA SecurID Access 🡕

• Cisco AnyConnect 🡕

It is also recommended Enable CAPTCHA on login page and SQL Server Password Encryption in Employee Portal and Web Client and enabled 2-step verification in Employee Portal.