A tech expert explains why Linux has remained a bright spot in an increasingly grim IT security picture, and how businesses can ensure effective, reliable security for their own Linux-based systems.
As Linux becomes more prevalent in today’s enterprise systems, it raises questions about the best way to protect the open source technology. David Humphrey, senior technology advisor for Ekaru, a Westbrook, Mass.-based technology services company, discussed some of those issues with Security Pipeline.
Security Pipeline: How would you describe where Linux security stands today as compared to three to four years ago ?
Humphrey: Linux has never had to face the challenges that Microsoft Windows faces now (and in the past) in those areas of security that we are most familiar with today. Specifically those relating to client use of an OS.
Conversely, Unix (and the many variants of Linux that have been derived from it), has traditionally been the operating system of choice for servers throughout the Internet. This has been true since “Al Gore invented the Internet” (all right, BBN in Cambridge).
IP-based vulnerabilities were the first targets for those trying to break into these networks. This kind of exposure led to a hardening of the OS; lessons on configuring the operating system; and protocol improvements, that, over the years, have reduced this type of security attack.
Three to four years ago, Linux was pretty well nailed-down, and it is even more so now. With table-based IP rules built into the kernel that can examine network traffic for security, VPN functionality similarly migrated directly into the kernel, the Linux of today is even more
secure than yesterday.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2018 State of the CloudCloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Cybersecurity Strategies for the Digital EraAt its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.