<?xml version="1.0" encoding="utf-8"?>
<rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:og="http://ogp.me/ns#" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:schema="http://schema.org/" xmlns:sioc="http://rdfs.org/sioc/ns#" xmlns:sioct="http://rdfs.org/sioc/types#" xmlns:skos="http://www.w3.org/2004/02/skos/core#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" version="2.0" xml:base="https://www.linuxjournal.com/tag/cybersecurity">
  <channel>
    <title>Cybersecurity</title>
    <link>https://www.linuxjournal.com/tag/cybersecurity</link>
    <description/>
    <language>en</language>
    
    <item>
  <title>Four Hidden Costs and Risks of Sudo Can Lead to Cybersecurity Risks and Compliance Problems on Unix and Linux Servers</title>
  <link>https://www.linuxjournal.com/content/four-hidden-costs-and-risks-sudo-can-lead-cybersecurity-risks-and-compliance-problems-unix-a</link>
  <description>  &lt;div data-history-node-id="1339551" class="layout layout--onecol"&gt;
    &lt;div class="layout__region layout__region--content"&gt;
      
            &lt;div class="field field--name-field-node-image field--type-image field--label-hidden field--item"&gt;  &lt;img src="https://www.linuxjournal.com/sites/default/files/nodeimage/story/BT_Logo_md.png" width="800" height="200" alt="Beyond Trust" typeof="foaf:Image" class="img-responsive" /&gt;&lt;/div&gt;
      
            &lt;div class="field field--name-node-author field--type-ds field--label-hidden field--item"&gt;by &lt;a title="View user profile." href="https://www.linuxjournal.com/users/chad-erbe" lang="" about="https://www.linuxjournal.com/users/chad-erbe" typeof="schema:Person" property="schema:name" datatype="" xml:lang=""&gt;Chad Erbe&lt;/a&gt;&lt;/div&gt;
      
            &lt;div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"&gt;&lt;cite&gt;Sponsored Post:&lt;/cite&gt;
&lt;p&gt;
&lt;/p&gt;
It is always a philosophical debate as to whether to use open source software in a regulated environment. Open source software is crowd sourced, and developers from all over the world contribute to packages that are later included in Operating System distributions. In the case of ‘sudo’, a package designed to provide privileged access included in many Linux distributions, the debate is whether it meets the requirements of an organization, and to what level it can be relied upon to deliver compliance information to auditors. 
&lt;p&gt;
&lt;/p&gt;
There are four hidden costs or risks that must be considered when evaluating whether sudo is meeting your organization’s cybersecurity and compliance needs on its Unix and Linux systems, including administrative, forensics and audit, business continuity, and vendor support. Although sudo is a low-cost solution, it may come at a high price in a security program, and when an organization is delivering compliance data to satisfy auditors. In this article, we will review these areas while identifying key questions that should be answered to measure acceptable levels of risk. While every organization is different, there are specific risk/cost considerations that make a strong argument for replacing sudo with a commercially-supported solution. 
&lt;p&gt;
&lt;/p&gt;
&lt;strong&gt;Administrative Costs&lt;/strong&gt;
&lt;br /&gt; 
There are several hidden administrative costs in using sudo for Unix and Linux privilege management. For example, with sudo, you also need to run a third-party automation management system (like CFEngine or Puppet) plus third-party authentication modules on the box. And, if you plan to externalize the box at all, you’re going to have to replace sudo with that supplier’s version of sudo. So, you end up maintaining sudo, a third-party management system, a third-party automation system, and may have to replace it all if you want to authenticate against something external to the box. A commercial solution would help to consolidate this functionality and simplify the overall management of Unix and Linux servers.
&lt;p&gt;
&lt;/p&gt; 
Another complexity with sudo is that everything is local, meaning it can be extremely time-consuming to manage as environments grow. And as we all know, time is money. With sudo, you have to rely on local systems on the server to keep logs locally, rotate them, send them to an archival environment, and ensure that no one is messing with any of the other related subsystems. This can be a complex and time-consuming process. A commercial solution would combine all of this activity together, including binary pushes and retention, upgrades, logs, archival, and more.
&lt;p&gt;
&lt;/p&gt;&lt;/div&gt;
      
            &lt;div class="field field--name-node-link field--type-ds field--label-hidden field--item"&gt;  &lt;a href="https://www.linuxjournal.com/content/four-hidden-costs-and-risks-sudo-can-lead-cybersecurity-risks-and-compliance-problems-unix-a" hreflang="und"&gt;Go to Full Article&lt;/a&gt;
&lt;/div&gt;
      
    &lt;/div&gt;
  &lt;/div&gt;

</description>
  <pubDate>Fri, 20 Oct 2017 15:19:36 +0000</pubDate>
    <dc:creator>Chad Erbe</dc:creator>
    <guid isPermaLink="false">1339551 at https://www.linuxjournal.com</guid>
    </item>

  </channel>
</rss>
