...
At ECMWF we run ecFlow in a relatively open way. We have decided to limit the number of accounts/users running ecFlow to simplify cooperation and file permission problems. Most research ecFlow servers run under one research account allowing greater cooperation. However, for operations, we want to limit full access to a handful of trusted users, whilst giving others the ability to monitor the operational suites. We use the ecFlow white list file to limit access in operations.
For additional security you may choose, to have black list blacklist files. i.e. password-based authentication.