To begin with, we’ll remind that Linux is not a complete operating system, such as Microsoft Windows or MacOS, but a set of distribution files that are used for installation. We can say that Linux is a family of operating systems based on a single kernel.
After the system was founded in 1981, Linux was not very popular, but 10 years after its creation, it became widespread, because programmers around the world supported the idea of free software and many experts volunteered to help Linux creator Linus Torvalds improve the software solution and bring the system to the level of demand on the market.
Since the Linux OS is especially popular in the field of IT workers, in order to control a whole caste of employees (developers, administrators, etc.), software that can control this operating system was vital for information security specialists. In the coming days, the Falcongaze SecureTower DLP system will launch the system update 6.6, which will have a huge number of new features, including agent control on Linux OS.
The Linux agent has the following features:
1. Interception of network traffic (SSL/TLS, SMTP, POP3, FTP, HTTP, XMPP, IMAP).
The system intercepts and analyzes information transmitted via secure protocols using various types of encryption. If an encrypted object is sent over the network (for example, a password-protected archive), the system will intercept it and send a notification about the discovery of such data.
2. Interception of keystrokes.
The program has a tool called keylogger that logs all keystrokes on the user's keyboard, which can help in identifying the contents of encrypted documents.
3. Capture screenshots.
Monitoring in the form of screenshots is also provided in the agent for Linux, in addition, screenshots can be configured for a specific event or after a specific time.
4. Control and audit of USB devices (so far only USB devices).
SecureTower allows you to control a wide range of USB devices, from flash drives, memory cards to mobile phones. At the same time, access to the use of external media can be both allowed and denied, creating for this the so-called white and black lists. For example, if necessary, you can allow the use of only corporate USB devices. You can not only prohibit or allow the use of USB drives but also set a restriction - for example, allow only viewing data. Various parameters can be specified as a criterion: device serial number, manufacturer, product or device identifier, product name, and device type. All settings can be applied both to users and to entire departments. In addition, USB drives provide the ability to save (create shadow copies) of all data that the user writes to them.
The SecureTower Linux agent is aimed at controlling the theft of a company's information property. Leakage of such important data can lead to sad consequences for the entire organization, but the risks can be minimized by introducing a comprehensive software solution into the company that can prevent an incident or quickly respond to it.
The Falcongaze SecureTower version 6.6 update shows even greater system capabilities for preventing the leakage of company confidential data and monitoring employee activity, and the innovation in the form of a Linux agent takes SecureTower to a new level, opening up opportunities for working and developing in the new OS.