CIS and Oracle Database Security Benchmarks

Most Oracle (as well as DB2, MySQL and MS SQL Server) DBA’s are aware of the existence of Oracle database and application security benchmarks, but tend to treat the benchmarks, which are a type of best practice lists, with somewhat of a benignly neglectful attitude. This attitude is attributable to the lack of time on behalf of the harried DBAs, who are tasked with numerous critical functions, including the ensuring of high performance and continuous availability of their systems.

Despite the demands on their time, all database administrators will be doing themselves and their organizations an immense service by checking out the recommended benchmarks by a recognized authority such as the Center of Internet Security (CIS). CIS is a nonprofit organization that provides 52 entirely free benchmarks for databases, operating systems, web servers and applications. For its members, CIS also offers its Benchmark Audit Tool, designed to test your compliance with the various benchmarks.

While there are several database security best practice lists out there, the following are what makes the CIS benchmarks remarkable: the best practices are not handed down in an authoritarian fashion– they’re the result of a consensus among numerous database security professionals. The benchmarks are downloaded in large numbers and many organizations use them as informal standards for database configuration. CIS benchmarks are also widely accepted in government, business, industry and academic circles. Most commercial database security and vulnerability scanners use the CIS benchmarks to assess the vulnerability of databases. You can acquire the various benchmarks by from the CIS website at www.cis.org.

Leave a Comment

Your email address will not be published. Required fields are marked *


Contact Us

If you have an urgent question regarding your software licensing or a software audit, please contact Miro right away.

(732)738–8511 x1208
Use the chat box on the right

About Us

Miro is a leading global provider of software asset management services, specializing in license management, audit advisory, negotiation tactics, support management, and cloud services. We help our clients maximize ROI on their software license investments, stay in compliance, and minimize the impact of audits. Miro's performance guarantee promises that our long-tenured, diverse, and passionate team of expert analysts provides insightful and actionable advice to help our clients achieve the best possible outcomes.

Performance Guarantee

Miro’s no risk Performance Guarantee is that the amount of cost savings that we uncover will be more than our fees.


Managed Services for Oracle Licensing

Miro’s Managed Services for Oracle licensing is a best practice approach for an organization to optimize and outsource the practice of Software Asset Management to specialized external experts to ensure the organization’s compliance with vendor rules and policies.

Learn More