Oracle

How to set a measurable goal for Oracle EBS security management

by | October 19, 2016

How to set a measurable goal for Oracle EBS security management

Oracle just released their quarterly Critical Patch Update on October 18th. So this is a good time to talk about security for your Oracle EBS system. 

According to the Center of Internet Security, One of the questions that should be answered as part of your Oracle EBS Security Practices would be: How long does it take your organization to deploy security patches into the production environment?

Helpful Metric

Mean Time to Patch (MTTP) measures the average time taken to deploy a patch to the organization’s technologies. The more quickly patches can be deployed, the lower the mean time to patch and the less time the organization spends with systems in a state known to be vulnerable.

Essential Formula

Calculate the number of hours between the Date of Availability and the Date of Installation for each patch in the current scope (In this case, the scope is Oracle EBS Critical Patch Updates). Then average these results across the number of completed patches in the current scope.


MTTP = Sum of hours (Date_of_Installation – Date_of_Availability)
Count (Completed_Patches)


Ultimate Goal

The ultimate goal is to lower this number over time and find ways to accelerate your Oracle EBS Releases so that you can deploy those patches in production faster and safer.

We suggest that you define a Mean Time to Patch goal to ensure security of your Oracle EBS and a quick response to vulnerability fixes.  Stick to your goal throughout the year and make the time for implementation.  This will help keep your company’s EBS system up-to-date and give you some peace of mind.

 

Practical tips on how to keep your EBS secure

 

Start the comments

0

I Want Risk-Free Change

×