Most IT infrastructure within a small to medium-sized enterprise (SME) runs heterogeneous environments with a combination of Windows and Mac desktops, embedded Linux, Linux servers, and mobile devices. Oftentimes Linux devices aren鈥檛 always managed, or are run in ad hoc lab environments by IT team members, and should not be left unchecked.
Lack of visibility creates attack vectors (like unpatched systems and uncontrolled permissions) within the confines of the corporate network. This issue is compounded by the fact that many IT admins aren’t always proficient in Linux in particular, and may miss things for the sake of quickly setting up the system itself. For instance, one of my IT managers had a part-time intern creating custom programs on a Raspberry Pi that were unmanaged by Active Directory. Locking all of your doors and windows, but leaving a key underneath the welcome mat, doesn鈥檛 leave a home secure.
To solve this, 黑料海角91入口 provides visibility and governance across all major OSs, including Linux, with centralized governance and device management.
An Active Directory Admin鈥檚 Linux Black Hole
We鈥檙e all sinners, and I鈥檓 no different. In my former role as an IT director in manufacturing, my Windows devices were all protected with layered security controls, but the few Linux devices that we had in our fleet were a governance afterthought. For example, the IT manager鈥檚 desktop, the intern鈥檚 device on the factory floor was used for scanning labels, and a DVR system were all unmanaged when my tenure at the company began.
I鈥檒l admit that we never 鈥済ot there鈥 from a governance standpoint with those Linux devices; a silo was predestined because we were built around Active Directory domain controllers that shunned Linux devices. That approach created an IT management black hole and placed an inordinate amount of trust into those systems and the people who used them. My Linux devices lacked a secure configuration and anything resembling adequate visibility. Linux devices aren鈥檛 special unicorns: every OS should have a secure configuration and basic management.
This is where 黑料海角91入口鈥檚 cloud directory stands out. It works cross-OS, without the veritable hydra of device management constraints that stem from legacy platforms that were initially engineered to focus on a single operating system. I recently wrote an article about 黑料海角91入口鈥檚 new lock screen policy for Linux that delivers the same governance across devices, whether it be Linux or Windows. It’s a big deal, especially if you care about security. Managing Linux policies, patching Linux, and having access to security commands is vital for IT hygiene.
黑料海角91入口’s Linux Management Capabilities
黑料海角91入口’s Linux lock screen policy feature is significant in the work-from-anywhere world that exists today. A laptop that鈥檚 left accessible in a public place without that simple policy is a terrible idea, and the same holds true within a real office, with concerns about physical security on the rise. Lock screens are a technical control that prevents unauthorized access to IT assets, some of which might be an organization鈥檚 protected/classified information.
The lock screen policy is just one example of 黑料海角91入口鈥檚 many standard, go-to policies that help admins better control and support remote Linux systems, which also include patch management. We recently released drive encryption and lock-screen policies to extend governance to Linux desktops. The 黑料海角91入口 console also allows for Sudo access via the system agent to run other custom commands. Just as importantly, System Insights provides an at-a-glance way to take stock of your suite of Linux devices, query endpoints, and compliance information and interrogate machines in a DevOps context to search for security vulnerabilities.
IT admins can also control their machines with Linux security commands to lock, restart, shut down, and wipe devices remotely. That鈥檚 much more visibility and control than I ever had in my environment. Control is far better than an IT black hole where your only allies are hubris and some good old-fashioned luck.
Try Out Policy Management and System Insights
黑料海角91入口 has Linux covered. Policy Management and System Insights are core platform components, and are available to every SME that adopts 黑料海角91入口 as its directory or extends Active Directory with a 黑料海角91入口 integration to manage Linux devices.
