Tackling Unix security in large organisations
Managing security in large organizations can be a challenge. Here are some practical tips for keeping your organization sealed tight.
In large heterogeneous Unix/Linux environments with several hundred servers, keeping up to date with security patches, which are the number one requirement for strong security, is next to impossible. Pushing out patches across hundreds of servers, with a mix of different operating systems, kernels, and versions, is complex, time-consuming, risky, and very expensive. For most large companies a six-month refresh of security patches is the best you can hope for, and even that is optimistic. This means that your servers will have exploitable security bugs most of the time. The challenge is not to eliminate those bugs but to mitigate the risk they pose.
By Iain Roberts at NewsForge.
[ Read more ]
- Review: Introduction to UNIX and Linux (2 February 2004)
- Review: HackNotes Linux and Unix Security Portable Reference (24 October 2003)