This chapter provides guidelines and recommendations for setting up Oracle Communications Billing Care components in a secure configuration.
The following principles are fundamental to using any application securely:
Keep software up to date. This includes the latest product release and any patches that apply to it.
Keep up to date on security information. Oracle regularly issues security-related patch updates and security alerts. You must install all security patches as soon as possible. Refer to the "Critical Patch Updates and Security Alerts" Web site:
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
Limit privileges as much as possible. Users should be given only the access necessary to perform their work. User privileges should be reviewed periodically.
Refer to "Implementing Billing Care Security" for more information.
Monitor system activity. Establish who should access which system components, and how often, and monitor those components.
Install software securely. For example, use firewalls and secure passwords.
Refer to Oracle Communications Billing Care Installation Guide for more information.
Learn about and use the Billing Care security features.
Refer to "Implementing Billing Care Security" for more information.
Use secure development practices. For example, take advantage of existing security functionality instead of creating your own application security. Refer to "Security Considerations for Developers" for more information.
Avoid using the option to have an application remember passwords for admin logins and passwords. For example, do not select the Remember Password check box in a login screen.
Apply the latest patch set for JDK to ensure that your running JDK has the latest security fixes.