| Siebel CRM Siebel Security Hardening Guide Siebel Innovation Pack 2015 E24815-01 |
|
 Previous |
 Next |
View PDF |
| Siebel CRM Siebel Security Hardening Guide Siebel Innovation Pack 2015 E24815-01 |
|
Previous |
Next |
View PDF |
Align the policies you create to secure your Siebel Business Applications environment with the overall security policies and principles adopted by your organization. Some of the general policies recommended to help protect your Siebel Business Applications deployment and infrastructure include the following:
Restricting network access
Following the principle of least privilege when setting up access controls
Monitoring activity by enabling a minimum level of logging (auditing and reviewing)
Keeping up-to-date with the latest security information
Configuring accounts securely, including securing session management
Setting security parameters
Running security-maintenance reports regularly
Enforcing secure coding practices, for example, data validation, when creating custom code and scripts
Encrypting Web and network communications and sensitive data in the Siebel database, for example, credit card numbers and passwords
Installing approved enterprise-wide antivirus software to protect servers and workstations, and updating virus pattern files on a periodic and emergency basis as recommended by the vendor
Implement a patch management process to make sure that all the software in your environment is updated with the latest software versions and security patches. You must make sure all updates and patches for Siebel Business Applications are applied. Also make sure that all updates are applied for the other software that is required to run Siebel Business Applications, but that is not shipped by Oracle. Some examples include your operating system software and browser software.
Oracle uses critical patch updates to release security patches for all its applications, including Siebel Business Applications. Critical patch updates are issued each quarter and consist of multiple security fixes in one patch.
For a list of the latest critical patch updates and security alerts for Siebel Business Applications available from Oracle, and for information on security vulnerabilities fixed in a critical patch update, go to the Oracle Critical Patch Updates and Security Alerts Web site at
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
Oracle provides information about product security vulnerabilities only as part of the critical patch update or Security Alert notification process.
