This section contains security recommendations for the desktop used to run web browsers that connect to Oracle E-Business Suite.
See My Oracle Support Knowledge Document 389422.1, Recommended Browsers for Oracle E-Business Suite Release 12, for information about securing the desktop.
Update the browser when new versions are released; they often include security bug fixes.
Check the browser for built-in safety features.
Upgrade to Java 8.
Apply the latest JRE updates.
For kiosk machines, change the browser's autocomplete settings. Although convenient for frequently accessed pages, for privacy and security reasons this feature should be disabled.
Also consider disabling the "remember password" function, or use a primary password for the saved password store.
People may attempt to access an unattended workstation while another user is still logged into the system. Users should never leave their workstation unattended while logged into the system, because doing so makes the system accessible to anyone who walks up to the computer. Organizations should set a corporate policy for handling unattended PC sessions. Users are advised to use the password-locked screen saver feature on all PCs.
Use the following profile option to set the FileStreaming security policy for the no-store directive:
Profile Option Name | Code (Internal Name) | Recommended Value |
---|---|---|
FND: Security FileStreaming No-Store | FND_SEC_FILESTREAM_NOSTORE | SECURE |
The FND: Security FileStreaming No-Store profile option values are as follows:
SECURE - This value enables Secure mode, where the no-store directive is used to prevent caching for all content. This is the default and recommended profile option value.
CHROMIUM_PDF_WA - This value allows for the caching of PDF content on Chromium-based browsers. Set the profile option to CHROMIUM_PDF_WA when users expect the ability to save PDF content directly from the in-browser PDF viewer.
INSECURE - This value enables Insecure mode and allows the caching of all content.
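To confirm from the desktop side that the chosen value is in effect, streamed responses can be checked for the no-store directive. The following is an added example, not Oracle code: it parses Cache-Control headers from a capture and lists the responses a browser would be allowed to store. The sample capture, the URLs and the `allow_pdf_cache` switch are assumptions made for illustration.

```python
import re

# One Cache-Control directive: an RFC 9110 token, optionally followed by
# =token or ="quoted string". Consuming the argument keeps text inside a
# quoted value from being mistaken for a directive name.
_DIRECTIVE = re.compile(
    r'''([A-Za-z0-9!#$%&'*+.^_`|~-]+)(?:\s*=\s*(?:"(?:[^"\\]|\\.)*"|[^,\s]+))?''')

def cache_directives(headers):
    """Lower-cased Cache-Control directive names from (name, value) pairs."""
    names = set()
    for name, value in headers:
        if name.strip().lower() == "cache-control":  # header names are case-insensitive
            names.update(m.group(1).lower() for m in _DIRECTIVE.finditer(value))
    return names

def audit(responses, allow_pdf_cache=False):
    """Return the URLs of responses that lack the no-store directive.

    allow_pdf_cache=True tolerates PDF responses without no-store (assumed
    wire-level effect of CHROMIUM_PDF_WA; the page does not give the headers).
    """
    findings = []
    for resp in responses:
        if "no-store" in cache_directives(resp["headers"]):
            continue
        ctype = next((v for n, v in resp["headers"]
                      if n.strip().lower() == "content-type"), "")
        is_pdf = ctype.split(";")[0].strip().lower() == "application/pdf"
        if not (allow_pdf_cache and is_pdf):
            findings.append(resp["url"])
    return findings

# Constructed sample capture; URLs and header values are illustrative only.
SAMPLE = [
    {"url": "/example/report.pdf", "headers": [
        ("Content-Type", "application/pdf"), ("Cache-Control", "private, max-age=0")]},
    {"url": "/example/export.csv", "headers": [
        ("Content-Type", "text/csv"), ("cache-control", "private"),
        ("Cache-Control", "No-Store")]},
    {"url": "/example/attach.doc", "headers": [
        ("Content-Type", "application/msword"),
        ("Cache-Control", 'private, ext="no-store"')]},
]

if __name__ == "__main__":
    for url in audit(SAMPLE):
        print("may be stored by the browser:", url)
```

With the SECURE value, the expectation is an empty result for every streamed file; any URL returned is content that can remain in the browser cache after the session ends.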