CRM BOOK RECOMMENDATIONS SOFTWARE
Installing approved enterprise-wide antivirus software to protect servers and workstations, and updating virus pattern files on a periodic and emergency basis as recommended by the vendor
CRM BOOK RECOMMENDATIONS CODE
Running security-maintenance reports regularlyĮnforcing secure coding practices, for example, data validation, when creating custom code and scriptsĮncrypting Web and network communications and sensitive data in the Siebel database, for example, credit card numbers and passwords Keeping up-to-date with the latest security informationĬonfiguring accounts securely, including securing session management Monitoring activity by enabling a minimum level of logging (auditing and reviewing) Some of the general policies recommended to help protect your Siebel CRM deployment and infrastructure include the following:įollowing the principle of least privilege when setting up access controls For general information on preventing security attacks and vulnerabilities in your environment, see General Security Recommendations.Īlign the policies you create to secure your Siebel CRM environment with the overall security policies and principles adopted by your organization. For information on this task, see Performing Security Testing. Perform security risk assessments regularly to identify possible security vulnerabilities in your environment, then address any issues. Some of the well-known Web sites that contain information on security incidents with vulnerabilities and patches are as follows: Monitor security sites for information on newly discovered vulnerabilities affecting third-party components or applications that are integrated with Siebel CRM software. Moving data between applications, computers, and sitesĪllowing nonsecure coding practices when configuring Siebel CRM The following practices can make your applications vulnerable to malicious attacks: This understanding helps you to identify the correct countermeasures that you must adopt. To secure your Siebel CRM environment, you must understand the security threats that exist and the typical approaches used by attackers. This chapter provides detailed procedural information on implementing Siebel security controls only where such information is not provided elsewhere on the Siebel Bookshelf. Examples of hardening tasks include removing unnecessary software, services and utilities, disabling unused user accounts or login IDs, and setting up intrusion-detection systems. Hardening is the process of protecting your computer network and applications from internal and external security threats by minimizing the areas of security vulnerability.
CRM BOOK RECOMMENDATIONS HOW TO
This chapter describes how to harden your Siebel CRM deployment. However, to protect your Siebel data, you must secure both your Siebel Business Applications and the computing environment in which they run. The most important reason for securing an application is to protect the confidentiality, integrity, and availability of an organization's critical information. This chapter provides recommendations for safeguarding your Siebel CRM deployment from internal (intranet) and external (Internet) security threats. It provides detailed procedural information on how to implement security controls to secure your application. It outlines the security controls provided by Siebel CRM. It describes the Siebel security architecture and security concepts. This chapter provides the information you need to protect your Siebel CRM deployment: