Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Will Cooke
on 30 July 2018

National Cyber Security Centre publish Ubuntu 18.04 LTS Security Guide


Last week the NCSC (National Cyber Security Centre) in the UK issued their latest publication which gives advice on how to configure Ubuntu 18.04 LTS in accordance with their security best practices.

The National Cyber Security Centre (NCSC)is the UK government department responsible for providing guidance on Information Security to the UK public and private sectors as well as responding to online security incidents and securing networks.

They have published many advisories on topics such as Multi Factor authentication for online services, security reviews of Google’s G Suite and Microsoft’s Office 365 as well as Bring Your Own Device (BYOD) policy.

EUD Security Principles

The “End User Device” (EUD) Security Collection provides “guidance for organisations deploying a range of end user device platforms as part of a remote working solution” but many of the documents are equally applicable to more general enterprise and home use.  There is a wealth of information and best practice guidance which can help you stay secure online. The EUD documents are based around a number of Security Principles which include:

  • Data-in-transit protection – how to keep your data secret while being transmitted over the internet
  • Data-at-rest protection – keeping your files safe on the computer itself
  • Authentication – making sure you are who you say you are
  • Secure Boot – Establishing trust the the operating systems boot process hasn’t been tampered with
  • Platform integrity and application sandboxing – keeping you safe from malware
  • Application whitelisting – restricting software to a specific known list

Securing Ubuntu 18.04 LTS

The latest publication from NCSC gives advice on how to configure Ubuntu 18.04 LTS Desktop to meet the 12 EUD principles with specific worked examples.  The document gives advice and instructions on, among other things:

  • Configuring remote access via VPN
  • Enforcing a strong password policy
  • Configuring UEFI for maximum protection
  • Enabling Livepatch for kernel updates without rebooting
  • Preventing execution of binary files from the home partition
  • Enabling and configuring firewalling
  • Auditing

Ubuntu has been built on a foundation of enterprise-grade, industry leading security practices. From our toolchain to the suite of packages we use and from our update process to our industry standard certifications, Canonical never stops working to keep Ubuntu at the forefront of safety and reliability.

When combined with NCSC’s guidance and instructions you can can be assured of a reliable set up to allow you to work safely and securely from a portable computer while online.

You can view the whole publication from NCSC here:

https://www.ncsc.gov.uk/collection/end-user-device-security/platform-specific-guidance/ubuntu-18-04-lts

You can read more about Ubuntu’s security practices here: https://www.ubuntu.com/security

Related posts


Canonical
26 September 2023

CVE 우선순위 지정을 통한 오픈 소스 보안

Security Security

최근 연구에 따르면 엔터프라이즈 시장의 애플리케이션 중 96%가 오픈 소스 소프트웨어를 사용합니다. 오픈 소스 환경이 점점 더 세분화됨에 따라 조직에 대한 잠재적인 보안 취약점의 영향을 평가하는 작업이 엄청날 수 있습니다. 우분투는 가장 안전한 운영 체제 중 하나로 알려져 있습니다. 하지만 그 이유는 무엇일까요? 우분투 보안팀은 매일 알려진 취약점에 대해 업데이트된 소프트웨어 패키지를 수정하고 릴리스하기 때문에 ...


Canonical
4 December 2024

Canonical announces Ubuntu Security Research Alliance Program 

Canonical announcements Article

Today, Canonical, the publisher of Ubuntu, announced its new Ubuntu Security Research Alliance Program, a free partnership between Canonical and open source vulnerability scanning organizations. The goal is to ensure vulnerability data is more transparent and standardized, while improving on-platform security for Ubuntu users through more ...


eslerm
19 November 2024

Needrestart local privilege escalation vulnerability fixes available

Ubuntu Article

Qualys discovered vulnerabilities which allow a local attacker to gain root privileges in the needrestart package (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, and CVE-2024-11003) and a related issue in libmodule-scandeps-perl (CVE-2024-10224). The vulnerabilities affect Debian, Ubuntu and other Linux distributions. Canonical’s securit ...