Security planning involves defining authorization and authentication strategies for your application.

• Authentication

  Proves to the application that you are who you say you are.

• Authorization

  Determines the functions that the application allows you to perform. This corresponds to access group and role configuration.

Security planning also involves setting up the organization structure and operator attributes.

The application provides a fine level of security in the form of access settings and denial rules. Many integration rules also incorporate authentication. For more information on the additional aspects of security, enroll in the Lead System Architect course on Pega Academy and cover the Security lessons corresponding to the following topics:

• Authentication schemes
• Defining your authentication scheme
• Defining your organization structure
• Defining operator attributes