Linux has an enviable reputation as a secure platform for servers. But Linux the Unhackable?
Certain myths persist about the inherent resistance of Linux to viruses and the superfluity of firewalls.
However, the only basis for truth (and fast fading at that) is statistical. As a minority platform, Linux attracted less interest from hackers, who made fewer viruses to attack it.
As Linux’s popularity has grown, so has the number of viruses, not to mention the need for additional firewalls.
Linux is no more unhackable than other operating systems. You can, however, reduce its hackability with some simple precautions that, unsurprisingly, look like the steps you would take for other systems.
- Minimal installation. Install only what you need. Keep only what you need. Worry only about what is essential and reduce potential attack surface by eliminating the rest.
- Install the latest security patches. For Linux server platforms, you can make patch installation automatic. Depending on your distribution, you may not even have to stop your kernel or any applications running on top of it.
- Use suitable security devices. If your Linux system can function from behind a firewall, then use one. Remember that firewalls exist for both network and application level traffic, and that smart systems using behavioural analytics can help detect attacks as they start, rather than after they have finished.
- Scan regularly for security. You can automate this and do exception management, only spending time and effort if a scan report indicates something abnormal.
- Use strong passwords. Yes, you can have a password that is strong enough to defeat hackers but also easy for you to remember. And hey, no shortcuts like using the same password for different admin accounts either.
- Disk encryption. At rest as in transit, encrypt your data.
- Admin/user information security awareness. Some people still don’t get it. Help them to see the light by making them aware of the importance of information security for them and those around them.
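
The "minimal installation" and "scan regularly" items above can be combined into one automated check that reports only exceptions. The following is an added example, not part of the original article: it compares listening TCP sockets, as printed by `ss -H -tln`, against an approved baseline. The baseline entries and the sample output are constructed for illustration.

```python
"""Exception-based check of listening TCP sockets against an approved baseline."""
import subprocess

# Constructed baseline (assumption): the only (address, port) pairs this
# server is supposed to expose. Replace with your own minimal set.
BASELINE = {("0.0.0.0", 22), ("::", 22), ("127.0.0.1", 5432)}

# Constructed sample of `ss -H -tln` output so the example runs offline.
SAMPLE_SS_OUTPUT = """\
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      244        127.0.0.1:5432      0.0.0.0:*
LISTEN 0      511                *:8080            *:*
LISTEN 0      128             [::]:22           [::]:*
"""

def parse_listeners(ss_output):
    """Return the set of (address, port) pairs found in `ss -H -tln` output."""
    listeners = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # skip headers, blank lines and anything unexpected
        # Split on the last colon so IPv6 addresses such as [::] stay intact.
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            listeners.add((addr.strip("[]"), int(port)))
    return listeners

def find_exceptions(listeners, baseline):
    """Return (unexpected, missing): sockets not in the baseline, and
    baseline sockets that are no longer listening."""
    return sorted(listeners - baseline), sorted(baseline - listeners)

def live_listeners():
    """Collect listeners from the running system (requires iproute2's ss)."""
    result = subprocess.run(["ss", "-H", "-tln"],
                            capture_output=True, text=True, check=True)
    return parse_listeners(result.stdout)

if __name__ == "__main__":
    # Uses the constructed sample; call live_listeners() on a real host.
    unexpected, missing = find_exceptions(parse_listeners(SAMPLE_SS_OUTPUT), BASELINE)
    for addr, port in unexpected:
        print(f"UNEXPECTED listener {addr}:{port}")
    for addr, port in missing:
        print(f"MISSING expected listener {addr}:{port}")
```

Run from a scheduler, a check like this produces no output while the host matches its baseline, so time is spent only when a service appears or disappears.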