{"id":12014,"date":"2018-11-20T16:50:07","date_gmt":"2018-11-20T15:50:07","guid":{"rendered":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/"},"modified":"2018-11-20T16:50:07","modified_gmt":"2018-11-20T15:50:07","slug":"oda-and-cis-gdpr-features","status":"publish","type":"post","link":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/","title":{"rendered":"ODA and CIS \/ GDPR features"},"content":{"rendered":"<p>We all know that security becomes&#8230;sorry, is one of the hottest topic when setting up IT environment. One basis for that is to be compliant with regulations or standards such as GDPR or CIS. What is not so well known, is that ODA already integrates some tool to support you for that.<br \/>\n<!--more--><\/p>\n<p>During this first day @DOAG2018 I followed and interesting session from Tammy Bednar, Senior Director of Product Management for ODA, about <a href=\"https:\/\/blogs.oracle.com\/oda\/oda-cis\">ODA and Security<\/a>.<\/p>\n<p>Beside the traditional points about the integrated stack of ODA, SUDO configuration or the Oracle Database Security options, I also heard about nice scripts available on ODA since version 12.2.1.3 to check ODA compliance against CIS standards.<\/p>\n<p>For reminder the CIS, Center for Internet Security, produces security guidelines for components such as Linux, databases and much more. As member of the CIS, dbi services proposes security audits based on these guidelines (<a href=\"https:\/\/www.dbi-services.com\/offering\/services\/it-security-services\/\">https:\/\/www.dbi-services.com\/offering\/services\/it-security-services\/<\/a>)<\/p>\n<p>On ODA there is now, out of the box, a \u201esmall\u201c Python script, which allows to check the CIS \u201estatus\u201c on OS level for your ODA.<\/p>\n<p>To do so you can simply go in <em>\/opt\/oracle\/oak\/bin<\/em> and run the script <em><strong>cis.py<\/strong><\/em>.<\/p>\n<p><a href=\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-29403 \" src=\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg\" alt=\"IMG_0181\" width=\"662\" height=\"394\" \/><\/a><\/p>\n<p><em>Sorry, as I couldn\u2018t take my ODA with me in N\u00fcrnberg, I do have only a picture of the script so far \ud83d\ude09<\/em><\/p>\n<p>There are 2 good news when running this script on an brand new installed ODA.<\/p>\n<ol>\n<li>The ODA is out of the box already 41% CIS compliant, which is not bad at all<\/li>\n<li>The ODA is only 41% compliant with CIS, which means there still room for improvement and some work for sysadmins like me \ud83d\ude09<\/li>\n<\/ol>\n<p>More seriously a real added value of this tool is that beside doing the compliance check it provides a features to fix some\/all points. The advantage here is that in comparison of manual changes it makes sure it does not change anything which ODA relies on and breaks it.<\/p>\n<h3>What about the database?<\/h3>\n<p>Of course ODA is not only an Operating System. At the end there are databases running on it. So the question is: if the <strong>cis.py<\/strong> performs checks on OS level, what can I do on DB one?<\/p>\n<p>For this Oracle released of free (yes free) tool called DBSAT, which stands for Database Security Assessment Tool.<br \/>\n<a href=\"https:\/\/www.oracle.com\/database\/technologies\/security\/dbsat.html\">https:\/\/www.oracle.com\/database\/technologies\/security\/dbsat.html<\/a><\/p>\n<p>This tools runs against your database and make CIS but also some GDPR compliance checks providing a report. The report can be export in JSON for activities such as cross databases check.<\/p>\n<p>More blogs to follow about these tools, once back from the DOAG&#8230;but now it\u2018s slowly time for the traditional Schweitzer Abend and some party \ud83d\ude09<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We all know that security becomes&#8230;sorry, is one of the hottest topic when setting up IT environment. One basis for that is to be compliant with regulations or standards such as GDPR or CIS. What is not so well known, is that ODA already integrates some tool to support you for that.<\/p>\n","protected":false},"author":7,"featured_media":12015,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[229],"tags":[],"type_dbi":[],"class_list":["post-12014","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-database-administration-monitoring"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>ODA and CIS \/ GDPR features - dbi Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ODA and CIS \/ GDPR features\" \/>\n<meta property=\"og:description\" content=\"We all know that security becomes&#8230;sorry, is one of the hottest topic when setting up IT environment. One basis for that is to be compliant with regulations or standards such as GDPR or CIS. What is not so well known, is that ODA already integrates some tool to support you for that.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/\" \/>\n<meta property=\"og:site_name\" content=\"dbi Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-11-20T15:50:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1383\" \/>\n\t<meta property=\"og:image:height\" content=\"822\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"David Hueber\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"David Hueber\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/\"},\"author\":{\"name\":\"David Hueber\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8873e20a98a02305870909f4e3d0088f\"},\"headline\":\"ODA and CIS \/ GDPR features\",\"datePublished\":\"2018-11-20T15:50:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/\"},\"wordCount\":458,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg\",\"articleSection\":[\"Database Administration &amp; Monitoring\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/\",\"name\":\"ODA and CIS \/ GDPR features - dbi Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg\",\"datePublished\":\"2018-11-20T15:50:07+00:00\",\"author\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8873e20a98a02305870909f4e3d0088f\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#primaryimage\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg\",\"contentUrl\":\"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg\",\"width\":1383,\"height\":822},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.dbi-services.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ODA and CIS \/ GDPR features\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#website\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/\",\"name\":\"dbi Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8873e20a98a02305870909f4e3d0088f\",\"name\":\"David Hueber\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/fc07284dbd5667f0bed32b0d8d64076ab885746973ea1b5c4e69c6fa7074cf59?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/fc07284dbd5667f0bed32b0d8d64076ab885746973ea1b5c4e69c6fa7074cf59?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/fc07284dbd5667f0bed32b0d8d64076ab885746973ea1b5c4e69c6fa7074cf59?s=96&d=mm&r=g\",\"caption\":\"David Hueber\"},\"description\":\"David Hueber has ten years of experience in infrastructure operation &amp; management, engineering, and optimization. He is specialized in Oracle technologies (engineering, backup and recovery, high availability, etc.), Service Management standards and Oracle infrastructure operation processes (Service Desk, Change Management, Capacity Planning, etc.). David Hueber is ITILv3 Service Operation Lifecycle certified and Linux LPIC-1 certified. He received a university degree in Informatics and Networks at the IUT Mulhouse, France. He also studied Information Systems at the Conservatoire National des Arts et M\u00e9tiers in Mulhouse, France. His branch-related experience covers Financial Services \/ Banking, Chemicals &amp; Pharmaceuticals, Transport &amp; Logistics, Retail, Food, etc.\",\"url\":\"https:\/\/www.dbi-services.com\/blog\/author\/david-hueber\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"ODA and CIS \/ GDPR features - dbi Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/","og_locale":"en_US","og_type":"article","og_title":"ODA and CIS \/ GDPR features","og_description":"We all know that security becomes&#8230;sorry, is one of the hottest topic when setting up IT environment. One basis for that is to be compliant with regulations or standards such as GDPR or CIS. What is not so well known, is that ODA already integrates some tool to support you for that.","og_url":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/","og_site_name":"dbi Blog","article_published_time":"2018-11-20T15:50:07+00:00","og_image":[{"width":1383,"height":822,"url":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg","type":"image\/jpeg"}],"author":"David Hueber","twitter_card":"summary_large_image","twitter_misc":{"Written by":"David Hueber","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#article","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/"},"author":{"name":"David Hueber","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8873e20a98a02305870909f4e3d0088f"},"headline":"ODA and CIS \/ GDPR features","datePublished":"2018-11-20T15:50:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/"},"wordCount":458,"commentCount":0,"image":{"@id":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#primaryimage"},"thumbnailUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg","articleSection":["Database Administration &amp; Monitoring"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/","url":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/","name":"ODA and CIS \/ GDPR features - dbi Blog","isPartOf":{"@id":"https:\/\/www.dbi-services.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#primaryimage"},"image":{"@id":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#primaryimage"},"thumbnailUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg","datePublished":"2018-11-20T15:50:07+00:00","author":{"@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8873e20a98a02305870909f4e3d0088f"},"breadcrumb":{"@id":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#primaryimage","url":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg","contentUrl":"https:\/\/www.dbi-services.com\/blog\/wp-content\/uploads\/sites\/2\/2022\/04\/IMG_0181.jpg","width":1383,"height":822},{"@type":"BreadcrumbList","@id":"https:\/\/www.dbi-services.com\/blog\/oda-and-cis-gdpr-features\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.dbi-services.com\/blog\/"},{"@type":"ListItem","position":2,"name":"ODA and CIS \/ GDPR features"}]},{"@type":"WebSite","@id":"https:\/\/www.dbi-services.com\/blog\/#website","url":"https:\/\/www.dbi-services.com\/blog\/","name":"dbi Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.dbi-services.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.dbi-services.com\/blog\/#\/schema\/person\/8873e20a98a02305870909f4e3d0088f","name":"David Hueber","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/fc07284dbd5667f0bed32b0d8d64076ab885746973ea1b5c4e69c6fa7074cf59?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/fc07284dbd5667f0bed32b0d8d64076ab885746973ea1b5c4e69c6fa7074cf59?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/fc07284dbd5667f0bed32b0d8d64076ab885746973ea1b5c4e69c6fa7074cf59?s=96&d=mm&r=g","caption":"David Hueber"},"description":"David Hueber has ten years of experience in infrastructure operation &amp; management, engineering, and optimization. He is specialized in Oracle technologies (engineering, backup and recovery, high availability, etc.), Service Management standards and Oracle infrastructure operation processes (Service Desk, Change Management, Capacity Planning, etc.). David Hueber is ITILv3 Service Operation Lifecycle certified and Linux LPIC-1 certified. He received a university degree in Informatics and Networks at the IUT Mulhouse, France. He also studied Information Systems at the Conservatoire National des Arts et M\u00e9tiers in Mulhouse, France. His branch-related experience covers Financial Services \/ Banking, Chemicals &amp; Pharmaceuticals, Transport &amp; Logistics, Retail, Food, etc.","url":"https:\/\/www.dbi-services.com\/blog\/author\/david-hueber\/"}]}},"_links":{"self":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/12014","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/comments?post=12014"}],"version-history":[{"count":0,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/posts\/12014\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/media\/12015"}],"wp:attachment":[{"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/media?parent=12014"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/categories?post=12014"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/tags?post=12014"},{"taxonomy":"type","embeddable":true,"href":"https:\/\/www.dbi-services.com\/blog\/wp-json\/wp\/v2\/type_dbi?post=12014"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}