Through this interview, we would like to share with you some important 'tips' so that you can protect your servers with 'Open Source' technologies in an easy and inexpensive way.
With this goal in mind, I decided to talk with María Fernanda Suárez. She is 24 years old and she works as a Software Developer in Kriptos. She graduated from the Escuela Politécnica Nacional, where she studied to become a "Systems Analyst". Her greatest loves are programming, acting and reading.
Mafer, as is known by her closest friends, knows very well how important it is to protect your servers (either physical or in the cloud). Servers store information and it cannot fall in the wrong hands. Not only it is important to protect and store information safely but also it is crucial for it to travel securely.
In relation to the last, she asserts that: "Open source solutions will help us accelerate digital transformation".
There are simple recommendations that can be made in order to protect the information that travels to and from servers.
Some of the most important are the following:
-Use SSH or Secure Shell. A protocol whose main function is to gain remote access to a server through a secure channel. The benefit of using this tool is that it encrypts information promising secure travel.
-Use Linux, which is very easy to install "sudo apt-get install openssh-server". Linux has its own firewall, which if activated, prevents from unauthorized access to servers. Also, apply firewall rules to filter packets.
-If you decide to use Windows, tools such as Putty or Bitvise allow you to establish a remote connection to servers securely by ssh (OpenSSH).
-Try not to install open source software if it is not strictly necessary. This will help you avoid suffering from any vulnerabilities they may have.
- Keep the system updated, store the encrypted data and check network listening ports.
What 'open source' technologies exist to protect our servers?
María Fernanda stresses that one of the best ways to protect any company is to organize self 'attacks' (as an ethical hacker would do) in an effort to discover the weaknesses that exist and strengthen vulnerable aspects.
According to María Fernanda, some of the best technologies available to protect our servers are:
-Kali Linux: it helps detect vulnerabilities in the server site.
-Nessus: it protects the server from attacks discovered by Kali Linux. It works as a complement of Kali Linux.
Another way in which we can protect communication between servers and clients is to add security certificates. To achieve this, use the tool called Letsencrypt (to encrypt communication between servers and clients).
Finally, use Firewalls, which will help block unauthorized access to servers. Good examples of firewalls are Iptables and Shorewall.
How reliable are open source technologies versus licensed software?
According to María Fernanda, everything depends on the needs of the company and also of the maturity and experience of your team:
Both technologies are the target of criminals who aim to find their vulnerabilities in order to cause harm.
A great advantage of open source solutions is that entire communities constantly collaborate to strengthen the technology and close gaps.
Another advantage of open source solutions is having access to the source code. By having access we can verify if data is really being protected. Controlling the code means knowing the destination of data which in turn is helpful by allowing you to implement the most recommendable security measures for each case.
The great advantage of licensed software is that you are guaranteed that someone will give you support if the technology fails.
On the contrary, buying a licensed software means that you cannot be sure if your information is really being protected or if there are vulnerabilities in the source code that could cause potential harm.
You could conclude that open source technologies are best suited when the team that implements it is experienced. Licensed software is a great solution for less experienced teams who need support and a hands off experience.
Under what circumstances would you recommend to implement open source technologies to protect our infrastructure?
When the main aim is to develop or program quickly, it is better to use open source technologies. In the case of start-ups for example, where development needs to move very fast, the recommendation is to use open source technologies. The fact of using them allows greater flexibility when faced with the decision to suddenly change technologies or suppliers. It is also important to take into account that open source technologies are supported by active communities that contribute with the tool´s evolution.
What recommendations could you give to a company that wants to implement an open source solution?
Before considering using an open source solution it is important to determine the functionalities it needs to have in order to be useful. In addition, it is crucial to calculate time into the equation. How much time will an open source solution take to implement? In order to consider a solution of this sort you must calculate time, effort and cost.
A great place where you can start evaluating open source solutions is GitHub. This webpage is a great resource when assessing different solutions as it tells you important facts such as: How many users are editing it? What programs other do you use? Are there conflicts with other programs?