This article attempts to explain what best practices are and why they are so important to cybersecurity. Second, this article will attempt to apply what was learned regarding best practices to protect a modern Linux system. A secure Linux virtual machine will be achieved through the application of best practices. Furthermore, the applied teachings will be tested in an attempt to quantifiably prove security within the bounds of this article. After all, the goal is to make the system stronger rather than weaker.
To best serve our systems' cybersecurity, it’s important to identify and understand the necessary steps. This definition section should answer the following pertinent questions:
What are best practices?
Where can they be found?
Which specific practices should we choose?
Why test them?
What are Best Practices?
Best practices are a set of recommendations and implementation details for a particular situation or system. With regard to Linux, the most common best practice to implement on day one is disabling the “root” account. For logging and audit credibility, it’s important to know exactly which user is performing which actions. Commonly an organization will have more than one system administrator, and if each of their actions is being logged under a shared account, remediation will be far more difficult.
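One way to test the root-account practice described above, as an added example that is not part of the original whitepaper. It assumes "disabled" means root's password is locked in the shadow file and sshd refuses root logins; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: two checks that direct root login is disabled.
# File paths are parameters so the checks can run against copies of the files.

# root_password_locked FILE: succeed if root's password field in a
# shadow-format file starts with "!" or "*" (no password can match it).
root_password_locked() {
    awk -F: '$1 == "root" { found = 1; ok = ($2 ~ /^[!*]/) }
             END { exit !(found && ok) }' "$1"
}

# sshd_root_login_setting FILE: print the global PermitRootLogin value.
# sshd honours the first occurrence of a keyword; scanning stops at the first
# Match block because settings there are conditional. Include files are not
# followed (assumption). Prints "unset" when the keyword is absent.
sshd_root_login_setting() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "permitrootlogin" { v = tolower($2); exit }
         END { print (v == "" ? "unset" : v) }' "$1"
}

# root_login_disabled SHADOW SSHD_CONFIG: succeed only if both checks pass.
root_login_disabled() {
    root_password_locked "$1" || return 1
    [ "$(sshd_root_login_setting "$2")" = "no" ]
}

# Constructed sample files (not taken from a real host).
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf '%s\n' 'root:!:19700:0:99999:7:::' \
    'alice:$6$constructed$hash:19700:0:99999:7:::' > "$demo/shadow"
printf '%s\n' '#PermitRootLogin prohibit-password' 'PermitRootLogin no' \
    'Match User backup' '    PermitRootLogin yes' > "$demo/sshd_config"

if root_login_disabled "$demo/shadow" "$demo/sshd_config"; then
    echo "PASS: root password locked and SSH root login refused"
else
    echo "FAIL: direct root login is still possible"
fi
```

On a live host the same functions can be pointed at `/etc/shadow` and `/etc/ssh/sshd_config` (reading the shadow file requires root privileges); `sshd -T` reports the effective value when Include files are in use.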