Security Considerations and Best Practices for AVEVA Products
- Last UpdatedDec 19, 2025
- 2 minute read
Please refer to the Security Considerations and Best Practices for AVEVA Products section in the Unified Engineering Release Documentation for general guidance.
Security Considerations for AVEVA™ Unified Engineering – Browser Access
Unified Engineering Security Considerations and Best Practices have been integrated into the AVEVA™ Unified Engineering – Browser Access managed service. These include:
-
Robust Infrastructure security - based on logically isolated Tenant Infrastructure and Services (Tenant Environment)
-
Disaster recovery capabilities as outlined in the AVEVA™ Unified Engineering Service Description
-
Anti-virus protection on streamed desktops and Tenant Infrastructure virtual machines
-
Application and Configuration Related Files access controls
-
Shared Project Data - Restricted Access
-
Managing File system folders in AVEVA™ Unified Engineering – Browser Access
The following security considerations particular to AVEVA™ Unified Engineering – Browser Access should be noted.
Review Content
Before placing any shared content (such as Report Definitions or PML Customizations) in shared locations, ensure it has been reviewed for security.
Running Reports
Users should only run security reviewed reports from folders under P:\ConfigFiles\AuthorRead\ in AVEVA™ Unified Engineering – Browser Access environments.
Unified Engineering reports can embed executable code, so all reports must be thoroughly
reviewed. Only trusted reports should be used.
Spectrum Projects Access
If using Communities to share your Spectrum Project with another CONNECT account, note that they will have write access to the Cloudstore, which propagates to all Edge Connectors and AVEVA™ Unified Engineering – Browser Access environments. Only share projects with trusted accounts and ensure they configure Cloudstore access correctly.
Reports in Spectrum Projects
Reports available at initial project creation and upload will propagate across all Spectrum Edge Connectors and AVEVA™ Unified Engineering – Browser Access environments including those configured as part of a CONNECT Community. Following the 2025.12.001 Spectrum release, AVEVA Connector File Sync Service 2.0.48, any additions or modifications at edge locations will not sync.