Most Maximo conversations focus on integrations, licensing, or mobility. But there's a hidden area of concern: security blind spots during implementation that often go unaddressed.
Key concerns that clients should be asking, but don't:
- Who owns Maximo audit logs? Are they monitored in your SIEM (like QRadar)?
- Are password reset attempts and login failures from mobile devices audited and geo-tagged?
- How are unused/non-rotating admin accounts managed after go-live?
- Is encryption at rest enabled for all environments, including test/staging?
- What's your response time if your Maximo API is exposed via public integration?
Let's start a conversation around operational security in Maximo implementations, especially as we move into cloud-native and SaaS models. Security isn't just an IT concern, it's a business continuity concern.
------------------------------
Srikar Ande
Director Of Innovation
ZPro Solutions Limited
Markham ON
7024994655
------------------------------