A tech expert explains why Linux has remained a bright spot in an increasingly grim IT security picture, and how businesses can ensure effective, reliable security for their own Linux-based systems.
As Linux becomes more prevalent in today’s enterprise systems, it raises questions about the best way to protect the open source technology. David Humphrey, senior technology advisor for Ekaru, a Westbrook, Mass.-based technology services company, discussed some of those issues with Security Pipeline.
Security Pipeline: How would you describe where Linux security stands today as compared to three to four years ago ?
Humphrey: Linux has never had to face the challenges that Microsoft Windows faces now (and in the past) in those areas of security that we are most familiar with today. Specifically those relating to client use of an OS.
Conversely, Unix (and the many variants of Linux that have been derived from it), has traditionally been the operating system of choice for servers throughout the Internet. This has been true since “Al Gore invented the Internet” (all right, BBN in Cambridge).
IP-based vulnerabilities were the first targets for those trying to break into these networks. This kind of exposure led to a hardening of the OS; lessons on configuring the operating system; and protocol improvements, that, over the years, have reduced this type of security attack.
Three to four years ago, Linux was pretty well nailed-down, and it is even more so now. With table-based IP rules built into the kernel that can examine network traffic for security, VPN functionality similarly migrated directly into the kernel, the Linux of today is even more
secure than yesterday.
The Business of Going DigitalDigital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.