Security Recommendations

This section outlines key security recommendations designed to mitigate risks, enhance system resilience, and ensure compliance with industry standards.

The following security recommendations strengthen system integrity, reduce vulnerabilities, and ensure secure operations:

• Keep .NET Runtime Up to Date — Ensure the latest Microsoft .NET updates are applied to all systems running AIS. This is recommended as part of routine system maintenance.

• Run AIS Under a Non-Admin Service Account — AIS 4.1 supports running the service under a non-domain-admin Active Directory user. This is the recommended configuration for improved security.

• Enable Endpoint Protection — Ensure Windows Defender or an equivalent EDR solution is active and up to date on all AIS host systems.

• Restrict Untrusted Input — Limit exposure of AIS endpoints to untrusted external XML or file-based content where possible such as configuring ETAP FILES.