Maintaining Security

On this page

Security Patch Management

Security patches are released on an as-needed basis.

All security patches for Archer are available for download as an update customers with a current Archer maintenance agreement. Updates are available on Archer Community.

Run the latest security patches for any software that you are using with Archer and ensure your are using the latest supported software. For the supported and qualified software and environments, see Archer Qualified and Supported Environments on the Archer Community. (https://www.archerirm.community/t5/platform-use-case-documentation/archer-qualified-and-supported-environments/ta-p/568750)

Here is a list of third-party components for which patches are needed. The frequency of the patch updates is determined by the vendor. It is the customer's responsibility to ensure that third-party components are patched as appropriate, using the instructions provided by the vendor.

  • Windows Server

  • SQL Server

  • Microsoft IIS

  • .NET Framework

Malware Detection

Deploy a malware detection solution on the web and database servers. The malware detection solution should be based on your standard tools and best practices. It is your responsibility to deploy patches and updates for the malware detection tools.

Virus Scanning

Run virus scanning software on the deployed servers on a routine basis. If you are running Threat or Vulnerability feeds, it is strongly recommended that you disable virus scanning for the folder in which the Threat or Vulnerability data files are temporarily stored. A virus scanning engine could interpret the data as a virus or malware.

For information on configuring the folder, see Threat Data Feeds.

Ongoing Monitoring and Auditing

As with any critical infrastructure component, constantly monitor your system and perform periodic and random audits, for example, configuration, permissions, and security logs. Ensure that the configurations and user access settings match your company policies and needs.

Securing Credentials

The credential hashing algorithm selection uses the PBKDF2 algorithm with a randomly generated salt size.