LinkedIn
Copied!

Table of Contents

Security Checklist when deploying on Pega Cloud

Version:

Only available versions of this content are shown in the dropdown

When you are deploying on Pega Cloud there are additional considerations you should address when completing the Security Checklist.

If you are deploying your application to Pega Cloud, you should perform these actions:

Set up connectivity in your Pega Cloud Environments
Set up connectivity methods such as VPN, AWS Direct Connect, and Virtual Private Cloud (VPC) Peering connections for your environment, as appropriate.

For more information, see Requesting a virtual private cloud (VPC) peering connection.

Request a custom domain name
Set up a custom domain name (or “vanity” URL) that conforms to your enterprise standards, and obscures your environment server addresses.

For more information, see:

Follow security leading practices for development and testing

The following recommendations are propose around data used for testing:

  • Select test data carefully, ensuring it’s protected and controlled.
  • Ideally, test data should be created in a generic form with no relation to live system data. In the exception where live data is needed to perform accurate testing, the live data should be should be:
    • Anonymized as far as possible.
    • Carefully selected and secured for the period of testing.
    • Securely deleted when testing is complete.
  • Alternatively, you may also consider:
    • A production mirror sandbox, which provides an architectural replica of a client’s scaled production environment (rules and data) and can be used for production staging and testing, scale benchmark testing, and load performance testing.
    • Performing a Pega product file export/import operation to build a production-like equivalent of your current applications. This will not transfer any client data but will transfer all rules and schema – and will effectively duplicate their service without including production data.

If you are not deploying on Pega Cloud, see Security Checklist when not deploying on Pega Cloud.

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.