All Things Database: Education, Best Practices,
Use Cases & More

Enterprise Manager CIS Benchmark Certification Eases Adoption of Secure Database Best Practices

Dan Koloski
Vice President

It only takes a single mistake for the “bad guys” to be able to exploit a misconfiguration and exfiltrate your data. Thanks to the Center for Internet Security, Oracle Database users can avoid such scenarios by following the best practices defined by the CIS Benchmarks™.  With the high rate of change in DevOps-oriented development teams and the profilferation of data across on-premise and cloud environments, database administrators now have an easy way to comply with these standards right within Oracle Enterprise Manager.

Configuration and Compliance management has been part of Oracle Enterprise Manager Database Lifecycle Management for a long time, and we’re happy to report that Oracle Enterprise Manager has been certified by CIS to compare the configuration status of Oracle Databases against the consensus-based best practice standards contained in the Oracle Database Benchmark v2.1.0, Level 1- RDBMS Profile. Organizations that leverage Oracle Enterprise Manager can now ensure that the configurations of their critical assets align with the CIS Benchmarks consensus-based practice standards for all their database releases including Oracle Database 18c and 19c. For more details on Oracle’s CIS listings visit Center for Internet Security Web Site.

“Data is a company’s most valuable asset, and securing it has never been more important.  We are pleased to support the industry standard CIS Benchmarks as part of our comprehensive Enterprise Manager automation and compliance offerings.”

Wim Coekaerts, Senior Vice President, Software Development


"Cybersecurity challenges are mounting daily, which makes the need for standard configurations imperative. By certifying its product with CIS, Oracle has demonstrated its commitment to actively solve the foundational problem of ensuring standard configurations are used throughout a given enterprise.”

Curtis Dukes, CIS Executive Vice President of Security Best Practices & Automation Group. 


Enterprise Manager supports 2 flavors of the CIS Oracle Database v2.1.0 Benchmarks, one for Single-Instance Database and one for Cluster Database.  Below is a screenshot of what the listings look like in the Compliance Framework.

Figure 1.  CIS Benchmarks as they appear in the Enterprise Manager user interface.

CIS provides comprehensive configuration coverage for Oracle database, including:

  • Installation
  • Parameters
  • Connectivity
  • User Privileges
  • Auditing

Below are examples of some of the specific areas the Benchmark focuses on:

Figure 2.  Samples of evaluation areas in the CIS Benchmarks for Oracle Database.

In addition to the CIS Benchmarks included in the latest release of Oracle Enterprise Manager, we’ve also included new Oracle-provided Security benchmarks for Database 18c and 19c.  We’re committed to continuing to bring you best-in-class security offerings to harden your security posture across your data estate, whether on-premise or in the cloud.

For more information about Oracle Enterprise Manager, visit http://www.oracle.com/enterprise-manager and for more information about the Center for Internet Security (CIS), visit https://www.ciscecurity.org.







About CIS

The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments. We are a community-driven nonprofit, responsible for the CIS Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously refine these standards to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the cybersecurity needs of U.S. elections offices. To learn more, visit CISecurity.org or follow us on Twitter: @CISecurity.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.