ARE YOU RUNING LINUX RIGHT?

Similar documents
Nessus Agents. October 2015

8 Steps for Network Security Protection

8 Steps For Network Security Protection

REPORT State of Vulnerability Risk Management

The Importance of Patching Non-Microsoft Applications

Staying Secure After Microsoft Windows Server 2003 Reaches End of Life. Trevor Richmond, Sales Engineer Trend Micro

SEAMLESS HYBRID CLOUD WITH MICROSOFT

Tahoe Tech Group serves as your technology partner with a focus on providing cost effective and long term solutions.

McAfee Server Security

Introduction to Penetration Testing Graham Weston

Tackling Third-Party Patches

THE TOP 4 CONTROLS.

The Importance of Patching Non-Microsoft Applications

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

eguide: Designing a Continuous Response Architecture Executive s Guide to Windows Server 2003 End of Life

Five steps to improve your network s health

HACKERS & ATTACK ANATOMY

IT & DATA SECURITY BREACH PREVENTION A PRACTICAL GUIDE. Part I: Reducing Employee and Application Risks

THREE KEYS TO COST-EFFECTIVE SECURITY FOR YOUR SMALL BUSINESS

Host/Platform Security. Module 11

Data Security. So many businesses leave their data exposed, That doesn t mean you have to Computerbilities, Inc.

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

eeye Digital Security Product Training

SESSION 507 Thursday, March 26, 11:15 AM - 12:15 PM Track: Desktop Support

The Role of the Operating System in Cloud Environments

Implementing Security Update Management

The Cloud App Visibility Blindspot

White Paper - Crypto Virus. A guide to protecting your IT

WHITE PAPER Linux Management with Red Hat Network Satellite Server: Measuring Business Impact and ROI

AVOIDING PATCH DOOMSDAY Best Practices for Performing Patch Management

What Do You Mean My Cloud Data Isn t Secure?

Not for distribution or reproduction.

TITUS Data Security for Cloud Identify and Control Sensitive Data Sent to the Cloud

Automated Patching. Paul Asadoorian IT Security Specialist Brown University

Endpoint Protection Small Business Edition 2013?

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER

The Cloud App Visibility Blind Spot

+ MANAGED & CLOUD SERVICES. End of Exchange Decision Guide

12 Security Camera System Best Practices - Cyber Safe

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Service Manager and the Heartbleed Vulnerability (CVE )

Vulnerability Intelligence & 3 rd party patch management

THE BLUENOSE SECURITY FRAMEWORK

Streamlining Patch Testing and Deployment

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Alice. Software as a Service(SaaS) Delivery Platform. innovation is simplicity

Simplifying Desktop Mgmt With Novell ZENworks

Use of tablet devices in NHS environments: Good Practice Guideline

Cloud security with Sage Construction Anywhere

Getting a Secure Intranet

PATCH MANAGEMENT POLICY IT-P-016

Virtual Patching: a Proven Cost Savings Strategy

Web App Security Audit Services

Red Hat Enterprise ipa

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

Cloud and Data Center Security

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Kaspersky Security for Mobile

Uni Vault. An Introduction to Uni Systems Hybrid Cloud Data Protection as a Service. White Paper Solution Brief

Deep Security Vulnerability Protection Summary

Metatron Technology Consulting s Strategic Guide to Open Source Software

Network Assessment. Prepared For: Prospect Or Customer Prepared By: Your Company Name

PATCH MANAGEMENT. February The Government of the Hong Kong Special Administrative Region

Ixonos Cloud Solutions - A Review

VICNET is G-Cloud7 GOV UK Supplier VISIT DIGITAL MARKET PLACE VICNETCLOUD VICNET CLOUD MIGRATION SERVICES

IT Audit in the Cloud

Oracle Hospitality OPERA Cloud Services Security Guide Release 1.20 Part Number: E April 2016

Security Vulnerability Management. Mark J Cox

TECHNICAL VULNERABILITY & PATCH MANAGEMENT

Nine Steps to Smart Security for Small Businesses

Solving the Online File-Sharing Problem Replacing Rogue Tools with the Right Tools

2015 Vulnerability Statistics Report

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: PRICING & LICENSING GUIDE

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

How To Secure Your System From Cyber Attacks

Report on Hong Kong SME Cloud Adoption and Security Readiness Survey

Web Drive Limited TERMS AND CONDITIONS FOR THE SUPPLY OF SERVER HOSTING

HOW TO BUY ERP. SaaS, Custom, Packaged, or Hybrid Software? A Buyer s Guide to Purchasing ERP Solutions

IT Security & Compliance. On Time. On Budget. On Demand.

Access Tropical Cloud Desktop from Any Device

Achieve Economic Synergies by Managing Your Human Capital In The Cloud

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

Public Cloud Security: Surviving in a Hostile Multitenant Environment

Guardium Change Auditing System (CAS)

Cloud Vendor Benchmark 2014 A Comparison of Software Vendors and Service Providers

Presented by Evan Sylvester, CISSP

PCI Data Security Standards (DSS)

SECURITY TRENDS & VULNERABILITIES REVIEW 2015

Pocket E-Guide. TechTarget Data Center Media

A Network Administrator s Guide to Web App Security

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform

A Case for Managed Security

Host-Oriented Security Test Suite (HOSTS)

What is Cloud-Based Security? Cloud-based Security = Security Management + Cloud Computing.

Red Hat & SAP Support Overview

Modern App Architecture for the Enterprise Delivering agility, portability and control with Docker Containers as a Service (CaaS)

Nessus and Mobile Device Scanning. November 7, 2014 (Revision 12)

Protecting Data and Privacy in the Cloud

AVeS Cloud Security powered by SYMANTEC TM

Transcription:

ARE YOU RUNING LINUX RIGHT? Linux is widely deployed today in the modern datacenter. However, in the face of modern security threats, are you running it right?

INTRODUCTION Enterprise Linux has become the cornerstone of the modern datacenter. From running basic services to mission-critical transactional systems, Linux is capable of running the most critical of IT workloads. Today, Enterprise Linux powers the Internet including over 60% of public, private and hybrid clouds. As businesses become reliant on Linux, it is important for IT departments to pause and take a look at their own Linux Infrastructure to ensure they are doing it right from both a security and compliance perspective. We present here 4 strategies for running Linux right in the enterprise. 1. Get Support from your Linux vendor Having a Linux vendor support ensures that IT departments are not alone when they run into problems. From our experience working with IT departments on their Linux Infrastructures, we have noticed an alarming trend of running Linux unsupported for critical applications. This is a dangerous position to be in especially if your critical business applications run on Linux. However, having support from your Linux vendor is more of a common sense than a strict requirement. Application down times happen, but when they do, you are better off having your Linux vendor supporting you. For instance, for organizations running Red Hat Enterprise Linux, support is available through Red Hat, the leading Enterprise Linux vendor. Having a Linux vendor support ensures that IT departments are not alone when they run into problems. This means that whatever happens, the Linux vendor is a phone call or email away. Often times we educate customers on the fact that Enterprise Linux is not licensed like Microsoft Windows Operating System. As 2

such, there are no License fees attached. What customers pay for however, is the 24x7 all year round support that Red Hat provides with unlimited support issues. We encourage businesses to ask about their Linux support contracts with Red Hat from their IT infrastructure vendors. 2. Lock down your Linux Infrastructure There is a commonly held notion that Linux is secure out of the box. This is not entirely true. Out of the box Linux deployment is not at the highest security possible. Most default enterprise Linux deployments are alarmingly weak in security that they could actually become the weak link of your entire IT infrastructure. This opens up loopholes that data thieves, hackers and Linux malwares could exploit to cause damage. In most cases, Out of the box Linux deployment is not at the highest security possible because of limited in-house Linux security skills, many businesses have become victims of data breaches, without even realizing it. It is important that your IT team take the time out to audit your default Linux installations. This could be a difficult task, depending on the skill level of your IT staff. It is important that organizations agree on and define standard services for their entire Linux Infrastructure. This activity is easier if deployments are automated and configuration management systems are put in place. Non-intrusive vulnerability assessment should also be performed on these servers. 3

3. Get Regular updates There is no Operating System (OS) that is 100% bug free. That is why OS vendors regularly push updates throughout the lifetime of an OS. This also applies to Enterprise Linux. As Linux becomes more entrenched, the number of Linux-specific malwares will increase. Regular updates protect your infrastructure. As mentioned earlier, Enterprise Linux is not licensed like Microsoft Windows or other proprietary operating systems. Enterprise Linux is based on a subscription model where you pay an annual fee for subscriptions. This subscription entitles you to phone and email support from the Linux Vendor directly. Your Linux Infrastructure also gets regular updates, bug fixes and patches. If you have paid for Enterprise Linux but As Linux becomes more entrenched, the number of Linuxspecific malwares will increase. Regular updates protect your infrastructure not getting updates you need to call up your IT supplier. Many organizations panicked when the heartbleed bug (in OpenSSL library) was disclosed back in April 2014. If exploited, the bug could reveal private encryption keys, user name and passwords. Many services on Linux rely on this library for encryption. For organizations with Enterprise Linux subscriptions, vendors like Red Hat made updates and patches available within a few hours of the bug discovery. 4. Get your IT Staff Trained Companies that are successfully reaping the benefits of Enterprise Linux have teams of well-trained in house staff to deploy, manage and support their Linux Infrastructure. You do not want to rely solely on Google in the event of a business application on Linux going down. It is tempting to over look the skill required to maintain your 4

Linux Infrastructure in the name of saving a few bucks. In the long run, nothing boosts the confidence of your IT team more than a solid training that teaches them the bolts and nuts of Enterprise Linux. It is important that these in house engineers are trained on methods and best practices when it comes to Linux Infrastructure Management. CONCLUSION Enterprise Linux is used today as the platform of choice for running mission-critical and standard business applications. It positions enterprises to tackle present day challenges facing IT around cost, scale, security and performance. It is important to run your Linux Infrastructure in the most secure and standardized way to reap its full benefits. Nixarus is a leading Enterprise Linux Infrastructure powerhouse. We specialize in the design, implementation and support of Linux powered Infrastructures for medium to large business. We also provide advanced hands-on training on Enterprise Linux for system administrators and IT Managers. Nixarus is a Red Hat Advanced Business Partner. Contact: S48, 9 th Floor. Eleganza Plaza, Plot 634, Adeyemo Alakija Street, Victoria Island, Lagos, Nigeria. www.nixarus.com info@nixarus.com Phone: +234 1 4546474, Mobile: +234 80 3370 5949 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information