5 Appendix B – Secure Deployment Checklist

The following security checklist is included to guide you on how to secure your database:

• Install only what is required.

• Lock and expire default user accounts.

• Enforce password management.

• Enable data dictionary protection.

• Practice the principle of least privilege.

• Grant necessary privileges only.

• Revoke unnecessary privileges from the PUBLIC user group.

• Restrict permissions on run-time facilities.

• Enforce access controls effectively and authenticate clients stringently.

• Restrict network access.

• Apply all security patches and workarounds.

• Use a firewall.

• Never poke a hole through a firewall.

• Protect the Oracle listener.

• Monitor listener activity.

• Monitor who accesses your systems.

• Check network IP addresses.

• Encrypt network traffic.

• Harden the operating system.