Understanding Linux Security

February 20, 2015 Yossi Dantes

 

Over the years, it has been interesting to watch the rise of Linux servers as the go-to operating system for organizations. They’re touted for their superior stability, security, hardware, affordable cost of ownership and more. A recent IDC report found that Linux server demand has continued to grow with increased cloud infrastructure deployments and that Linux servers now represent 28.5 percent of all server revenue.

But popularity aside, Linux servers are not without flaws and can still be compromised. The complexities of Unix environments, including customization and integration of script-based operations, can make security problems even more challenging. One recent example of this susceptibility was the critical vulnerability found in glibc, the GNU C library, which allowed attackers to execute code, gain access to user permissions, and remotely gain control of Linux machines. While patched, the so-called “GHOST” vulnerability raises the question of how organizations can prevent exploitation of similar Linux issues. Beyond the glibc vulnerability, we all remember the Shellshock bug that was uncovered late last year, which affected all UNIX-based operating systems and Apple’s OS X and is still a big issue for the Linux community.

So how can organizations implement the necessary precautions to ensure their Linux servers don’t become a pathway for attackers to compromise and exfiltrate critical data? One important step is to follow the least privilege principle, which gives users no more access than is necessary for them to do their jobs.

This also means granting privileges strictly for current needs – not future ones – and continuously reviewing existing privileges to revoke those that are no longer required. The biggest challenge organizations and IT managers face today with regard to their super-user and administrator accounts is understanding who is accessing business-critical systems and information, and when they are accessing them. And that’s not to mention ever-increasing compliance regulations, which require stringent control over privileged accounts to prevent exposure of sensitive information to unauthorized users.

CyberArk takes the burden off of your organization, allowing you to easily combat Linux security issues while effectively balancing security and compliance requirements with operational and end-user needs. CyberArk On-Demand Privileges Manager allows for enterprise-ready, centralized management and enables you to control and monitor administrative rights on desktops and servers, protecting both Unix/Linux and Windows environments. With CyberArk On-Demand Privileges Manager, user access can be determined and run based on the role and task at hand, dramatically reducing the exploitation of privileged accounts and overall risk within an enterprise.

As Linux servers continue to be relied on as the OS for the enterprise, it’s important to implement a solution to protect against security issues that are bound to arise. To help do so, we encourage you to check out our white paper, The 10 Pains of Unix Security. And to learn more about our On-Demand Privileges Manager solution or to speak with a security specialist, visit here.

 
