Administer the CA Process Automation Domain › Configure the Contents of the Domain › Approach to Configuring Touchpoint Security

Approach to Configuring Touchpoint Security

Touchpoint Security is a Domain-level property. By default, Touchpoint Security is not enforced. The inherited non-enforcement allows existing processes to run successfully.

Note: If you configure Touchpoint Security as enforced and there are no Touchpoint Security policies in CA EEM, there is no protection.

Typically, mission-critical hosts and hosts that contain highly sensitive data only exist in a production environment. If you have partitioned your CA Process Automation domain into a design environment and a production environment, consider this guideline:

• Design Environment: Accept the Inherited settings, where Touchpoint Security is disabled
• Production Environment: Configure Touchpoint Security to Enabled in Environment properties. Then, create a global Touchpoint Security policy that authorizes the execution of Operators in selected categories to the group or users you specify. Specify the Environment as a filter. Then specify one filter for each Touchpoint mapped to a business critical host.

Alternatively, you can use Touchpoint Security in a development or test environment to restrict who can run processes on your Orchestrator. In that case, you could create a policy and list all members of your staff as Identities. In this policy, you create two filters--one for your Orchestrator as a Touchpoint and another for your Environment.

More information:

Configure Domain Properties

Create a Touchpoint Security Policy