Implementing Historian Security

Historian is a high performance data archiving system designed to collect, store, and retrieve time-based information efficiently. By default, access to these Historian archives, tags, and data files is available to any valid operating system user account. In this default environment, all users are allowed to read, write, change, and delete archives, tags, or data files in Historian Administrator, SDK, migration tools, and Excel Add-In. However, you may want to make these features and data available only to authorized personnel. You can do this by creating and defining Historian security groups in your Windows Security.

Historian includes an Electronic Signature and Electronic Records security feature. This option provides installations related to the FDA's 21 CFR Part 11 regulation or any site interested in added security or tracking the ability to require a signature and password every time a change in data or configuration is requested. For more information on the Electronic Signature and Electronic Records feature, refer to Historian in a Regulated Environment.

To ensure a secure environment when using Historian security, do not create any local user accounts unless Historian is set up on a standalone machine.

Whether or not you use Historian security, make sure that you disable Guest accounts on your computer to limit access to valid Windows user accounts.

To run Proficy Authentication commands, refer to Managing Proficy Authentication Users Using the Configuration Tool.