Security Considerations to take into account when working with Inventory

Secure the default Admin account
The admin account is created in the system automtically when installing the tables. The username and password are known (admin/admin) and this is a security risk. We recommend one (or more) of the following actions to be taken: These measures are to prevent abuse of the default account.
Usage of the Session Timeout feature
The Session Timeout feature (see User Management) restricts each user's session length. After the alloted time expires, the user is expelled from the system (forced logout) and is requied to login to continue usage. This feature can be useful especially if your Inventory users use the system from a random computer (when taking care of a problem in another dept. or at a client's office), and you wish to make sure that they do not leave a browser open for unauthorized persons to access the system using that user's permissions.
Usage of the Configuration Editor
The Configuration Editor can be enabled for usage through the web. All Admin users will have access to this feature once enabled. Only expose this functionality if you're sure you can allow all Admin users to view these settings.
Additional Security through Web Server configuration
You can enhance Inventory's installation by modifying the configuration of the web server that is serving it: