Steps to a secure operating system
Computerworld - Today's operating systems are more sophisticated and feature-rich than ever before, which makes them substantially more useful to the enterprise but also adds to security vulnerability—unless the operating systems are configured, administered and monitored correctly. Contrary to popular belief, this can be accomplished with a minimum of fuss and bother. The key is to centralize and automate operating system security across the enterprise, rather than do it manually for each box.
In fact, the costs and risks of not centralizing and automating operating system security are enormous. Over half of the security break-ins we read about daily are the result not of inherent weaknesses in operating system technology but of operating systems not being configured properly or not being verified and monitored regularly. The operating systems were provisioned out of the box at the default security settings, which made them highly vulnerable to attack.
Today, roughly 20% of user identifications and passwords have never been changed. The word password is still a common password in many organizations. The reason administrators neglect to configure these settings properly is simple: It would take approximately 20,000 hours to provision and verify a 1,000-server network manually, as it must be done in many organizations, and few organizations can afford the necessary time and money.
|Arvind Krishna is vice president for security products at IBM Tivoli Software.
There are three things that can enhance operating system security across an enterprise network. First, provisioning of the servers on the network should be done once in one place, involving the roughly tens of separate configurations most organizations require. This image, or set of images, can then be downloaded across the network, with the help of software that automates this process and eliminates the pain of doing it manually for each server. Moreover, even if you had an instruction sheet for these key configurations, you wouldn't want local administrators to access these key configurations for each server, which is very dangerous. The best way to do it is once and for all.
Once the network has been provisioned, administrators need to be able to verify policy compliance, which defines user access rights and ensures that all configurations are correct. An agent running on the network or remotely can monitor each server continuously, and such monitoring wouldn't interfere with normal operations.
Second, account management needs to be centralized to control access to the network and to ensure that users have appropriate access to enterprise resources. Policies, rules and intelligence should be located in one place—not on each box—and should be pushed out from there to provision user systems with correct IDs and permissions. An ID life cycle manager can be used to automate this process and reduce the pain of doing this manually.
Third, the operating system should be configured so that it can be used to monitor activity on the network easily and efficiently—revealing who is and isn't making connections, as well as pointing out potential security events coming out of the operating system. Administrators can use a central dashboard that monitors these events in real time and alerts them to serious problems based on preset correlations and filtering. Just as important, this monitoring system should be set up so that administrators aren't overwhelmed by routine events that don't jeopardize network security.
Security doesn't have to be a budget buster or interfere with normal business operations. As organizations move from manual to automated security processes, there are significant cost savings to be had. Manual processes are not only expensive and inflexible; they also contribute significantly to breakdowns that add to costs. Properly configured operating system security is a business enabler that will save money as it keeps the bad guys where they belong—on the defensive.
- Editor's Note: Tips From Security Pros
- The Story So Far: IT Security
- Know Thy Users: Identity Management Done Right
- Opinion: Feeling Insecure About Databases
- Evaluate Outsourcing Partners
- Strengthen Security During Mergers
- Thwart Insider Abuse
- Privacy Protection, Step by Step
- Plug IM's Security Gaps
- Boost Your Security Career
- The Almanac: IT Security
- Buffer Overflow
- The Next Chapter: IT Security
- Thwarting attacks on Apache Web servers
- Tips for Securing Your Windows Operating System
- The Hacker's Wireless Toolbox Part 1
- How to defend against internal security threats
- Ten ways to defend against viruses
- Decoding Mobile Device Security
- Five ways to thwart threats to your network
- Secrets to the best passwords
- Social engineering: It's a matter of trust
- Five tips for effective patch management
- Security Basics: Where to Start
- Steps to a secure operating system
- WLAN chip sets open a new door to insecurity
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Gartner Report: A Guide to Gartner's Enterprise Mobile Security Self-Assessment Gartner introduces a model and a Toolkit intended to help mobility and security IT leaders assess their enterprise mobility programs from a security...
- Gartner Report: Containing Mobile Security Risks With the 80/20 Rule IT planners can deliver better mobile protection with higher user satisfaction by segmenting users into risk groups before committing to specific management or...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts