March 16, 2026 BY
IN Johnson Controls

Introduction

Effective management of access rights is crucial to maintaining the integrity and security of any

system. This document emphasizes the importance of adhering to best practices when assigning

permissions within the C•CURE 9000 security-management system. Granting permissions beyond

the necessary scope can lead to unauthorized access and potential misuse of information.

Therefore, it is imperative to assign each account only the roles and permissions required to

perform their specific job functions, and nothing more. This approach ensures that the system

remains secure, and that information is protected from unwanted changes.

As cybersecurity threats affect all connected devices, it is important to ensure that cybersecurity

is considered throughout the planning, deployment and maintenance phases associated with a

solution’s functional operation.

Legal disclaimer

The cybersecurity practices described in this guide are recommended practices to facilitate the secure

installation and configuration of the products described herein.  However, Johnson Controls cannot guarantee

that the implementation of the cybersecurity practices or recommendations described in this guide will ensure

the security of the relevant product or system, or prevent, or alter the potential impact of any unauthorized

access or damage caused by a cybersecurity incident. This guide is provided “as is”, and Johnson Controls

makes no representation or warranty, express or implied, as to the efficacy of the cybersecurity practices or

recommendations described in this guide.  Johnson Controls disclaims all liability for any damages that may

occur as a result of, or despite, reliance on this guide or compliance with any cybersecurity practices or

recommendations set forth herein.

C•CURE 9000 Configuration Overview

This section helps C•CURE 9000 administrators implement best practices for a secure C•CURE 9000 v3.10

system installation.  You will learn what is needed to get the CrossFire service to run on your system, while

avoiding the security risks created by granting excessive privileges.