This is part 2 my article about Linux at Work – part 1 is over on Octagon Technology. You should read that first before continuing.
This is the continuing story of a surplus Windows 8 hybrid notebook/tablet conversion to Linux…
Cyber Security on Linux Mint
This section is a bit difficult to write. Why? Because unlike everywhere else, here I am going to suggest that you do not need anti-virus software for this version of Linux.
Not what you were expecting – is it – and for a more extensive explanation have a look at this article:
Security in Linux Mint and Ubuntu: an Explanation and Some Tips
Before I go any further, I want to make it clear I am speaking about a Linux machine used as an endpoint, not as a server. Linux server security is much more complex and security software is a must.
My small Linux notebook made from a Linx 10 Hybrid notebook/tablet from 2015
The Linux cyber security highlights
- Linux is written from the ground up with security in mind.
- Although there is Linux malware it is aimed mainly at server versions of Linux not desktop versions.
- Desktop Linux distros have several safeguards built in to resist the installation of Linux malware. Although these are user-dependent so mistakes can be made!
- For a well supported distro of Linux there are many independent developers involved in the code – that makes it very hard to include rogue code or leave a vulnerability unnoticed. (Not impossible but unlikely – and it is this that I will return to below, when it comes to my recommendations.)
- The Linux firewall is essential for good cyber security
Zero-day threats exist for all operating systems and software packages – this is the gap between a vulnerability becoming known to the developers and a patch getting to your machine – meanwhile the threat actor could have known about the same vulnerability for a long time and have been exploiting it – which means technical defences will not protect you during this period. Your only defence then is common sense, vigilance and training on any operating system.
Tips for better Linux Cyber Security
I will quote some of Pjotr here – they wrote the article referenced above.
- Use good passwords.
- Install updates as soon as they become available.
- Only install software from the official software sources of Linux Mint and Ubuntu.
- Don’t install Windows emulators like Wine.
- Enable the firewall.
Pjotr – Easy Linux Tips Project
Would I recommend Linux Mint for all your office machines?
The quick answer is no.
I am not sure I could recommend a system for general business use that did not include anti-virus and other cyber security protection, even if the OS and packages are “cyber secure” and the risk is small.
However I am happy with mine for the limited set of tasks I want it for and if someone had a similar business requirement then installing Linux Mint on an “outdated” laptop may be the cost effective solution they are looking for. However I would recommend reading the article I reference below and make your own risk assessment and write a policy for Linux use – or get your cyber security advisor to do it for you.
I am looking forward to giving this Linux laptop a field test next week, when I am heading to London for three nights to attend a conference.
Clive Catton MSc (Cyber Security) – by-line and other articles
p.s. Ben is going to try the ESET anti-virus product that we supply for Ubuntu Desktop – Linux Mint is a spur project of Ubuntu, so it may work. Watch this space.
References
Pjotr. (2023). Security in Linux Mint and ubuntu: An explanation and some tips. Easy Linux Tips Project. Retrieved March 14, 2023, from https://easylinuxtipsproject.blogspot.com/p/security.html
Further Reading
Linux for Business (Part I) – Octagon Technology
