Govt Program Rewards High Security Standards
Oracle is the first vendor to be part of the government's new purchasing initiative that rewards vendors for meeting stringent security standards.The federal government on Tuesday announced a major new purchasing initiative designed to reward vendors whose products meet certain stringent security standards. The program is an outgrowth of an emerging philosophy inside the Beltway that the governments purchasing power should be used to encourage software and hardware vendors to improve the security of their offerings. The first vendor to be involved in the program is Oracle Corp., which signed a large contract to deliver its database software to the Department of Energy. Karen Evans, CIO of the Department of Energy, announced the contract at an event that also included the Department of Homeland Security, the National Security Agency, the Department of Defense, the General Services Administration and the Center for Internet Security. The new contract calls for the vendor to deliver its database software in a securely configured manner. CIS earlier this month published two sets of benchmarks for Oracles database and those guidelines will be the basis for the configurations of the governments machines.
But, perhaps more importantly, Oracle has also agreed to provide hotfixes and patches that dont change the configurations of machines when theyre installed. As a condition of the contract, Oracle will automatically deliver any new patches or fixes that affect Energys machines to a central server at the department.