...
Enabling SSL would ensure that communication between the end user's browser to be server is secure. Please see Setting Up SSL on Tomcat to learn more.
Domain Whitelist for API Calls
Refer to API Domain Whitelist in Settings to whitelist domains that are consuming Joget's APIs.
Directory User Access Control
Maintaining good password policy management would ensure that user's password is kept safe. Security Enhanced Directory Manager is recommended to be used. The Security Enhanced Directory Manager features enhanced security and control on user management.
Enabling Multi-Factor Authentication using TOTP is also an added strength to it.
Process Start White List
Make use of this feature located under Map Participants to Users to limit on who can start a process instance.
Domain Whitelist for API Calls
Refer to API Domain Whitelist in Settings to whitelist domains that are consuming Joget's APIs.
Userview Menu Permission Control
...
Read more at Permission Control.
Directory User Access Control
Maintaining good password policy management would ensure that user's password is kept safe. Security Enhanced Directory Manager is recommended to be used. The Security Enhanced Directory Manager features enhanced security and control on user management.
Enabling Multi-Factor Authentication using TOTP is also an added strength to it.
Password Encryption
During application design, any sensitive information such as password may be encrypted for security purpose. You may change the key and salt used in a Joget Workflow server to further enhance its security.
...