NCSC Ubuntu Security Advice

Improving Ubuntu security

The UK’s National Cyber Security Centre (part of GCHQ) has released a new report full of advice on how to improve the security of Ubuntu 18.04 LTS.

The NCSC is a (relatively new) section of the UK government responsible for issuing security advice to the public, businesses and private sector stakeholders on how to avoid computer security threats.

It’s also responsible for co-ordinating a response to any major online security incidents or breaches.

The latest published advisory focuses on Ubuntu 18.04 LTS

The NCSC is both prolific and prudent. It has previously issued advice on bettering security while using Chrome OS, Android, Microsoft Office 365, Windows 10, Google Docs, and more.

Now, in its latest published advisory, the department focuses on the Ubuntu 18.04 LTS operating system, released back in April 2018.

NCSC’s Ubuntu 18.04 LTS Security Checklist

The NCSC’s End User Device (EUD) documents provide actionable steps that enterprise, businesses and organisations with remote workers or take-home-devices can follow to stay as secure as possible.

‘By default Ubuntu has some features enabled which can be a privacy concern’, the report says

But the guidance given may also be of help to regular home users too.

Each report is based meeting 12 key security principles, which cover tasks like protecting data, authentication, secure boot, and device update policy.

The NCSC security guidance for Ubuntu 18.04 LTS suggests taking following steps (among others) to meet those principles:

  • Configure remote access via VPN
  • Improve passwords with the PAM password quality module
  • Set a maximum screen lock timeout
  • Disable error reporting, popularity contest, etc
  • Configure UEFI for secure boot protection
  • Enable Livepatch for kernel updates without rebooting
  • Only install Snaps from the Snap Store
  • External interface protection
  • Prevent execution of binary files from the home partition
  • Enable a firewall

All sensible tips, but are any of these strictly necessary?

No.

These are recommendations rather than mandatory to-dos requiring no further thought

As the report itself stresses, this NCSC’s guidance “consists of recommendations and should not be seen as a set of mandatory instructions requiring no further thought.

Ubuntu 18.04 LTS comes with robust security out of the box, with industry-grade security practices, regular Ubuntu security notices and ongoing Ubuntu security updates.

Following the NCSC’s guidance isn’t necessary for home users wanting to work safely and securely from a computer running Ubuntu (common sense is arguably the key feature people should deploy while computing).

That said, there’s also no harm in reading over their recommendations for peace of mind.

You can view the full publication from NCSC using the link below:

Security Guidance for Ubuntu 18.04 LTS

  • Source: NCSC
  • (via: Tip Form)