UK Cyber Security Boffins Dispense Ubuntu 18.04 Wisdom
GCHQ: Yeah, but maybe don't make it too secure, ok?
The UK’s National Cyber Security Centre (NCSC) has dispensed advice aimed at securing Ubuntu installs and followed it up with help for Dixons customers.
The NCSC, part of the UK’s Government Communications Headquarters (GCHQ) exists to make the UK a safer place to do business online and, in an unusual step for a Government agency, does a pretty good job of dispensing sensible security advice.
Dixons Carphone customers got the treatment yesterday, following the admission that, er, maybe a bit more than 1.2 million users had actually had their privates exposed in a data breach. More like 10 million records. GCHQ's infosec crew suggested Dixons users shouldn't fill in their log-in info via that link on that unsolicited email, hmm?
Last week, however, it was Ubuntu 18.04 LTS upon which the agency turned its gimlet gaze. The security wonks first stated the obvious – route data over a secure VPN to avoid prying eyes, stop users installing whatever they want and for goodness sake, cut down on the admin rights.
Once over the summary, the agency went into detail. It has a number of security principles, and soberly explains the risks associated with Ubuntu along with mitigating steps. The list should be required reading for anyone about to leap into the wonderful world of Linux, thinking all their Windows woes or Mac migraines will vanish overnight.
Of course, this isn’t to say a default installation of Ubuntu 18.04 LTS isn’t already pretty secure. As well as making recommendations, the agency highlights areas where the OS does just fine, with minimal tinkering needed (such as stopping the execution of malicious code, unless you’ve sprayed the system with root level rights like a naughty child with a water pistol.)
The agency has also provided guides for the likes of Office 365, Windows 10 (but only to 1709) and macOS (to 10.13). Ubuntu 16.04 LTS is also present, but other Linux distributions are conspicuous by their absence.
Dell recently shovelled Ubuntu 18.04 LTS onto the Developer Edition of its XPS 13 laptop and users, mindful of the operating system's presence in the vulnerability charts (number 10 in the all time list, but down to 32 in 2017) could do considerably worse than look to the NCSC for tips on keeping things secure.
Source: theregister
Latest Jobs
-
- Security Cloud Consultant, Design / Review / Advise, London
- London
- N/A
-
** Actively recruiting- Able to hire** Security Cloud Consultant, Design / Review / Advise with both technical design / architecture and information security (technical risk assessment) experience is needed to help a growing consultancy work with multiple clients on various security programmes. The responsibilities of the role will include, but not be limited to; Delivering high level security related design, discovering and advising against any security risk within a client’s current architecture, reviewing security architecture plans, design related consultation, technical review of architecture against policies. The Security Cloud Consultant, Design / Review / Advise, needs to have a broad Security Architecture experience including Cloud security Azure, Office265 / AWS is essential. Any of the following would be desirable, although not essential. AZ-500: Microsoft Azure Security Technologies AZ-303: Microsoft Azure Architect Technologies Travel will be required. Given the nature of the clients, the individual must be elidable to achieve UK Security clearance. Apply today for more information Chris.holt@dclsearch.com https://www.linkedin.com/in/chrisholt1/ 07884666351
-
- eDiscovery Relativity Consultant
- London
- Up to £65,000
-
REFCH7559 eDiscovery Relativity Consultant, Processing onwards, London, £65,000 London Experienced eDiscovery Relativity Consultant needed to join a London based client. The eDiscovery Relativity Consultant MUST have experience from the process stage onwards of the EDRM cycle. Processing, Review, Analysis, Production, Presentation. Experience optimising and improving analytics highly desirable. Identification and collection experience is useful but not essential. This individual commutable to London based as the role will be predominately office based Relativity Certified Administrator (RCA) Relativity Analytics Specialist Relativity Processing Specialist Relativity Certified User Relativity Infrastructure Specialist Fluency one or more European languages is desirable but not essential. Structured career progression available. All details kept in the strictest of confidence. Contact me on Chris.holt@dclsearch.com 07884666351 or 02086634030
-
- Cyber Security Consultant, New Job, Devon, £60,000
- Devon
- £60,000
-
Can interview and hire remotely without face to face. Cyber Security Consultant is needed in a client-facing consultancy role in the Devon area. Cyber Security Consultant needs to have a strong information security experience with a technical hands-on background. Travel will be involved with other clients, but a larger proportion of the time will be within the Devon area. This is a Security consultancy role so travel to other client site locations across the country will be expected. Broad InfoSec experience is desirable given the range of projects/programmes you will be involved in. The individual will be required to achieve or currently hold SC security clearance. Apply today. All details kept in the strictest of confidence. Chris.Holt@dclsearch.com 07884666351
-
- New Business Hunter - Cloud interconnect Services
- Paris
- €75,000 + €75,000 OTE
-
Paris Reference RA 7376 Salary up to €75,000 plus 75,000 OTE New Business Hunter - Cloud Interconnect Services A new business hunter is required for this expanding Cloud Connect Services company who are looking to expand their presence within the French Market. They are looking for the right individual who enjoys targeting and winning large enterprise clients, You will be responsible for developing and managing a sales pipeline (qualification of leads, prospecting, monitoring of opportunities, closing ...) in order to go in search of future customers This is a great opportunity to join a rapidly growing business, where you will have the opportunity to become a key member of the Paris team, you will be selling a solution that is in high demand at the moment and will only become more in demand as more business adopt their cloud strategies The company currently has a number of large scale global enterprises as customers so you will have plenty of case studies to call upon. We are looking fr someone with proven new business skills, who can demonstrate new Logo accounts that they have won recently, you will need to be selling either telecom or cloud solutions and have a good understanding on connectivity services