Linux has long been considered a safe operating system that, with its opensource, community built kernel, is less likely to be a mark for cybercriminals because attacking it can be a far more daunting task than going after other, bigger, more vulnerable targets. But with the rising popularity of Linux and its introduction into the business environment, its attractiveness to hackers has grown as the recent slew of cyberattacks aimed at it can attest. From the backdoored version of Linux Mint that users unwittingly downloaded in February 2016 to the Mirai trojan used in DDoS attacks on computers running Linux in August 2016 and the most recent Erebus Linux ransomware attack that infected South Korean servers in June 2017, Linux’s image as the most secure OS is slowly cracking. And while it has yet to come under the relentless wave of attacks other OS like Windows and Android (that also uses a Linux kernel) have suffered in the last two years, the previously mentioned attacks are proof that it can be done if hackers are tempted enough.
But where does data loss fit into the greater scheme of Linux’s overall security? Is data stored on Linux computers more or less secure than on their Windows counterparts? The answer is neither. Both are equally vulnerable. The reason for this is a fairly simple one: data loss has little to do with a computer’s operating system, but rather with its users. Employee negligence and ill-intent are by far the most common reasons for data loss. In the same way, a Windows user can misplace a USB or upload sensitive data onto an unsafe file sharing service, a Linux user can do it too. The same applies to data theft: disgruntled employees do not need to exploit Linux vulnerabilities to access sensitive information. They just need to be allowed to copy or upload it undisturbed.
Luckily, Data Loss Prevention solutions have started taking into account the increasingly larger market share Linux’s versions and distributions have snatched for themselves in recent years to the detriment of more widespread OS like Windows. Endpoint Protector was one of the first to acknowledge there was a need for Data Loss Prevention for Linux and has since become a leader in the field, joining the Linux Foundation and offering the latest DLP tools for Ubuntu, openSUSE, CentOS and RedHat. Such products can help IT administrators set up content filtering for sensitive data, monitor and block policy violations and define access rights for USBs and other devices.
It is also worth keeping in mind that, with the rise of BYOD and Linux’s unique status as a free OS, more and more companies are finding they are managing mixed OS networks that include machines running on Linux and macOS. It is therefore important when choosing a DLP product that you consider the composition of your network and ensure that your chosen product covers all the operating systems your computers are running on, otherwise you might wind up overspending on multiple products, each specializing on a single OS, which is neither cost effective for your company nor time efficient for your IT administrators.
In conclusion, data loss is mostly a question of negligence and malice that can make victims of computers running any OS. Where the OS does matter is the accessibility to Data Loss Prevention tools. There are much fewer choices on the market for Linux users than there are for Windows users and the products available often do not offer the same breadth of services that can be found on the mainstream market. Fortunately, there are companies that have decided to serve Linux users just as devotedly as they do those of other operating systems. We are, of course, one of them.
By: Andrada Coos
Source: Endpoint Protector Blogs