Security

Introduction

Security is a key aspect that must be considered when building apps, integrating with other parts of your landscape, or governing your organization and apps within the Mendix platform. Information about security is present in various sections of Mendix documentation. This page provides an overview of the available articles on this topic.

Planning the Implementation

Before creating your app, refer to the Evaluation Guide to review the available security options:

• Evaluation Guide: Security

Building an App

When building your application, refer to the following topics:

• App Modeling: Security - An overview of the security options available when building an app
• Create a Secure App - A detailed walk through the process of creating a secure app
• Implement Best Practices for App Security - Recommended best practices for app security
• Set Up Anonymous User Security - A detailed walk through the process of setting up anonymous user security
• App Security - An explanation of the App security menu and its sub-menus:
  • User Roles - An explanation of the User roles menu
  • Administrator - An explanation of the Administrator menu
  • Demo Users - An explanation of the Demo users menu
  • Anonymous Users - An explanation of the Anonymous users menu
  • Password Policy - An explanation of the Password policy menu
  • Strict Mode - An explanation of the Strict mode menu
• App Modeling: Module Security - An overview of the security options available when creating a module
• Security and Shared Datasets - An overview of the secure integration with OData services (shared datasets)
• Configuring Security for a Workflow Process - An overview of the security configuration available for workflow processes
• Mobile: Offline Data Security - A detailed walk through the process of configuring offline data security for mobile apps
• Content Security Policy - An overview of content security policies that you can configure for your apps
• Two-Factor Authentication - An explanation of the available options when setting up two-factor authentication

Running your App

For information about security practices for business-as-usual operations of your app, refer to the following topics:

On Mendix Cloud

• Secure Outgoing Connections from Your App - An overview of the various scenarios for securing outgoing connections on the Mendix Cloud

On Mendix for Private Cloud

• Mendix for Private Cloud: How Are My Apps and Data Secured in Mendix for Private Cloud? - An overview of the Mendix for Private Cloud offering and the security it offers

On Premises

• Security for Your On-Premises Installation - A checklist of security options available for apps installed on premises

Governing your Organization and its Apps

For information about security practices for app governance, refer to the following topics:

• Apps: Software Composition - An explanation of the Software Composition page of the Apps menu
• Control Center: Software Composition - An explanation of the Software Composition page of the Control Center, and the options available to identify the dependencies in deployment packages in the Mendix Portal
• Security Settings in Control Center - Settings to help you manage access to the Mendix Platform for users in your company
• Set up an SSO (BYOIDP) - A detailed walk through the process of configuring BYODIDP SSO in the Control Center
• Data Accessibility and Security - An overview of the security options available in the Catalog
• Mitigate Security Risks - Best practices for mitigating security risks

Getting Support

For additional information, frequently asked questions, and troubleshooting tis, refer to Frequently Asked Questions – Security. If you have more questions, contact your Customer Success Manager (CSM), or join the Mendix Community forum.