Ten years ago it didn’t seem like Linux growth could increase any faster. Then, in 2006, Amazon launched Amazon Web Services (AWS). Linux growth went from linear to exponential. AWS competitors sprang up and were acquired by IBM, Microsoft, and other big players, accelerating Linux expansion even more.
Linux became the platform of choice for the private cloud. But this movement wasn’t confined to the cloud. A rush to create Linux applications and services spilled over to traditional on premises. Linux had evolved from that obscure thing people ran web servers on to the backbone operating system of the majority of IT.
The Need for Linux Security is Growing Faster than Linux Deployments
Yet, with this immense growth, the old pattern regarding IT security stayed true. Security on the Linux platform – like every other platform that came before it – is an afterthought. Headlines about breaches usually focus on malware infecting Windows endpoints. But they often leave out the Linux name when reporting huge dumps of data resulting from poorly secured Linux servers.
Just like their malware bitten cousins, Linux hosts are often attacked because of poor privileged credential management. Default passwords that are never changed, cryptographically weak passwords set for human convenience, sudo settings with unknown consequences, and SSH key pairs that don’t belong in place and lead to SSH vulnerabilities are just some of the Linux security challenges that IT pros face. With so much of today’s IT infrastructure running on Linux, the need to win these security battles has never been more important.
Watch our recorded webinar Linux Security Automation at Scale to learn more.
Automation is an Asset and a Risk
How did Linux become this cloud juggernaut? Why not something else? Many would point out the cost of Linux (free). But if you took something “free” and spent millions making it automation friendly, then that argument goes out the window.
Automation is the key. Linux provides the flexibility you need in a fully automated system. It lets you script anything, change anything, package anything. Linux fits into different hypervisors, runs elastically and allows you to be hardware agnostic. Some of that comes from its UNIX roots. But the hardware agnostic and change anything you want ideas are the twists that give Linux its edge.
UNIX has always had security challenges because it was never designed for an online, always exposed world. Linux inherits those challenges. IT admins attempt to make up for it with hardening, using free tools like sudo to control privilege, and trying to limit the god like powers of the all-seeing root user at the heart of every Linux system. All too often, though, when a conflict arises between speed, scale or automation on one side and security on the other side, security is on the losing end.
What Linux needs is security that can keep up with it by being just as flexible and automated. Linux needs security that will not sacrifice its power, while still offering powerful protection.
And that’s the topic of our recorded webinar, Linux Security Automation at Scale.
Watch the webinar now at https://liebsoft.com/news-events/linux-security-automation-scale-webinar/