/
Securing an OpenMRS Implementation

Securing an OpenMRS Implementation

Owned by Isaac Sears
Last updated: Sep 21, 2024 by Grace Potma
1 min read

One critical MUST-DO for any OpenMRS Implementation: Ensure no default passwords are in use (such as “Admin123”).

This is true for everything from user login credentials in the UI, through to any database, web server, container, and/or servlets you are using in production. Even standard database and server tools often come with default passwords - ensure these are changed to unique, secure passwords.

 

This section of the wiki contains recommendations for how to secure an OpenMRS installation beyond what is provided by the application itself.

Sections contained within this Wiki area:

 

Strongly Recommended Resources

NOTE: We also recommend that OpenMRS community members, especially implementers, familiarize themselves with the following highly-recommended resources: 

 

Related pages

OpenMRS Security 101: Policies & Vulnerability Management
OpenMRS Security 101: Policies & Vulnerability Management
Documentation
Read with this
Security
Security
Documentation
Read with this
Sample Security Guidance & Policy Documents
Sample Security Guidance & Policy Documents
Documentation
Read with this
Comprehensive Security Implementation Guide
Comprehensive Security Implementation Guide
Documentation
Read with this
Sample Incident Response Plan
Sample Incident Response Plan
Documentation
Read with this
Design
Design
Documentation
Read with this