Are there any current guides on best practices for securing openedge databases, or any tools which can check the security against any security best practices?
Which version. Some versions have database encryption, others not. That saves from the database being moved to a hackers machine, unless you don't have that feature in your version.
What interface? Character, GUI, Web, or Appserver interface? All of these have things that can be done, but they are not the same for each interface.
Hackers are not the only problem, sometimes it is just a machine going down. Do you have replication by AI files, but replication server, etc.? Again, version dependent.
Start with this whitepaper then answer Scott's questions: what are you trying to secure?
wss.com/.../005_Deploying_a_Progress_Application_in_a_Secure_Environment.pdf
I wrote this some years ago but it is still mostly relevant.
Progress has added features like encryption and in later versions has made it easier to use an external authentication source. However on the authorization side things are mostly the same: the OpenEdge ABL/4GL side is public by default and you have to revoke access while the sql side is deny-deny-deny by default and you have to grant access.
<sales hat on>
WSS provides health check services that can include a security assessment.
<sales hat off>