Securing enterprise IT enviroments with F/OSS

Securing enterprise IT environments has become a time consuming task which is often approached by decision makers through the use and abuse of proprietary technologies, with the related vendor lock-in and the undeniable security issues which have already been discussed by security experts around the world.Free and open source software, as a broad term involving any computer program that allows the user to freely understand and improve it, becomes a great player on the enterprise security field, since it provides a consistent, cost-efficient way to secure an environment without spending hundreds of hours devising strange ways to patch things around a system.Since F/OSS doesn’t force users into vendor lock-ins, decision makers are free to lea and think of an elegant, macro solution which secures the organization in the fastest, cheapest way available, while enjoying the associated security features of security through visibility. Not in vain F/OSS has eaed the trust of big companies and govements through an undiscutable security record involving a low number of incidences and excellent response times.The big pictureTherefore, a proposed macro solution which can be approached is IAS: ensure integrity, ensure authenticity, ensure security. Integrity means that your system will work according to the plan for a long, long time, while you can focus on other, most important things like improving the IT support for the business. Authenticity means no one can fool you and your users into practices that could affect the business. Security means the things that you do in order to guarantee integrity and authenticity, that is, keeping strange things away from your setup.The first good thing about securing enterprises with F/OSS is that there’s no available tukey solution which will solve all problems. And this is a good thing since your team will have to integrate several pieces of software available from the greater F/OSS ecosystem and plug them in an orderly fashion so you can actually secure your environment. This diminishes the dependence on one developer community, promotes open communication standards and exercise your team’s creativity, which is often regarded as motivation.Securing an enterprise environment should not be a patch and test task, since this is a huge set of micro solutions which drain money and energies away from your project and sooner or later leads to the management believing that security is not important enough. F/OSS technologies will help you to achieve a secure state without much effort, and your systems and staff will thank you.About this postThis post was rotting at my blog’s Drafts since January. I was planning to post this for a global security blogging ocassion, but completely forgot about it. IT Security is not my current main field of work.References


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s