Securing FICO Xpress Insight
The following sections describe the security considerations and steps for securing
Xpress Insight.
Covered Topics
- Pre-defined User Accounts
Xpress Insight includes one pre-defined account. - Using the Credential Store to Store Passwords
You can use a credential store and reference passwords by their aliases—This is more secure than having plain-text passwords in the standalone.xml file. - Execution Worker Access
An Xpress Insight Execution Worker is an instance of the Mosel Remote Launcher program running on a local or remote machine. The default configuration sets this service to accept requests to execute models from any requestor using the correct protocol. - Securing the PostgreSQL Database
The Xpress Insight server will install a PostgreSQL database server to handle data storage for the repository. - Securing the PostgreSQL Database Password
Xpress Insight server accesses the database through a standard data source named com.fico.xpress.insight.db. - Securing the Database Account
Database connections for the server are defined in the standalone.xml data source file. - Securing the
Xpress Insight Installation Files
The Xpress Insight installer program sets the files it places on the target machine to be accessible by everyone. - Enabling HTTPS with
Xpress Insight Server
After enabling HTTPS with Xpress Insight Server, you can customize the HTTPS port or remove the access.