Will Cooke
on 30 July 2018
Last week the NCSC (National Cyber Security Centre) in the UK issued their latest publication which gives advice on how to configure Ubuntu 18.04 LTS in accordance with their security best practices.
The National Cyber Security Centre (NCSC)is the UK government department responsible for providing guidance on Information Security to the UK public and private sectors as well as responding to online security incidents and securing networks.
They have published many advisories on topics such as Multi Factor authentication for online services, security reviews of Google’s G Suite and Microsoft’s Office 365 as well as Bring Your Own Device (BYOD) policy.
EUD Security Principles
The “End User Device” (EUD) Security Collection provides “guidance for organisations deploying a range of end user device platforms as part of a remote working solution” but many of the documents are equally applicable to more general enterprise and home use. There is a wealth of information and best practice guidance which can help you stay secure online. The EUD documents are based around a number of Security Principles which include:
- Data-in-transit protection – how to keep your data secret while being transmitted over the internet
- Data-at-rest protection – keeping your files safe on the computer itself
- Authentication – making sure you are who you say you are
- Secure Boot – Establishing trust the the operating systems boot process hasn’t been tampered with
- Platform integrity and application sandboxing – keeping you safe from malware
- Application whitelisting – restricting software to a specific known list
Securing Ubuntu 18.04 LTS
The latest publication from NCSC gives advice on how to configure Ubuntu 18.04 LTS Desktop to meet the 12 EUD principles with specific worked examples. The document gives advice and instructions on, among other things:
- Configuring remote access via VPN
- Enforcing a strong password policy
- Configuring UEFI for maximum protection
- Enabling Livepatch for kernel updates without rebooting
- Preventing execution of binary files from the home partition
- Enabling and configuring firewalling
- Auditing
Ubuntu has been built on a foundation of enterprise-grade, industry leading security practices. From our toolchain to the suite of packages we use and from our update process to our industry standard certifications, Canonical never stops working to keep Ubuntu at the forefront of safety and reliability.
When combined with NCSC’s guidance and instructions you can can be assured of a reliable set up to allow you to work safely and securely from a portable computer while online.
You can view the whole publication from NCSC here:
You can read more about Ubuntu’s security practices here: https://www.ubuntu.com/security