Security Hardening Guidelines for Cumulocity IoT 10.18.0

This guide provides prescriptive security hardening guidelines for the Cumulocity IoT platform version 10.18.0. It outlines best practices for ensuring a secure configuration posture, specifically targeting system administrators and enterprise tenant administrators. The document includes recommendations for deployment security, such as ensuring that the operating system is hardened, applying security patches regularly, and keeping the platform up to date. It emphasizes the importance of exposing only necessary ports and enforcing strong password policies. Additionally, it details the configuration of two-factor authentication and the deployment of secure SSL certificates. The guidelines are structured to assist administrators in minimizing vulnerabilities and enhancing the overall security of the Cumulocity IoT platform. The document also includes profile definitions for different user roles and an appendix with a summary table and references for further information.