Technical instruction - IIS security
Review Microsoft’s latest policies and recommendations for Windows Servers, IIS, Azure and ohter components and infrastructure used for an installation.
Service account
It is recommended to use a service account for IIS instead of LocalSystem.
IIS settings
Default passwords
Check and change default password of web viewer and webadmin page of web viewer
Check and change default passwords of api endpoints
Other security aspects to consider
Technical instruction - Installing application on Windows Server | Other Apps on Server
Technical instruction - Installing application on Windows Server | Security