Is there a way to protect the Identity Management Console (i.e. /IDMMANAGE)? Even though the console is not frequently used or needed, in a large deployment, the possibility of increases and the environment get larger.
I am asking for the 12.9 PIM identity management console.
Even simple authentication or a way to limit access to this console when it is enabled would be mitigate exposure.
If the "System Manager" account can be used (or limited to even a role or short list of accounts) it would help.
But right now, no authentication or no security other shutting it down is a concern. As stated, even a short period of time can help mitigate.