Compliance
Compliance
Everything related to compliance, such as PCI-DSS, HIPAA, ISO27001/27002, SOx, and others and how they related to Linux systems and system administration.
GDPR Compliance: Technical Requirements for Linux Systems
An insight in the technical aspects and requirements for Linux systems when it comes to compliance with the GDPR, the General Data Protection Regulation.
In-depth Linux Guide to Achieve PCI DSS Compliance and Certification
This is the technical Linux guide to achieve compliance with the PCI DSS standard. Become compliant, with Linux tips for configuration and auditing.
SOx compliance and Enron: The Smartest Guys in the Room
On of the biggest companies in the US, Enron fell into the trap of fraud. Great lessons might be learned from the documentary and SOx compliance.
PCI DSS Linux: Creation and deletion of system-level objects
The PCI DSS standard defines Creation and deletion of system-level objects. For Linux systems this might be handled with the Linux audit framework.
PCI DSS (v3) Linux: Invalid logical access attempts (10.2.4)
PCI DSS compliance control 10.2.4 mandates to monitor invalid logical access attempts. For Linux we can use the Linux audit framework to monitor for this event.
PCI DSS Linux: Logging of administrative actions with root privileges
PCI DSS requires logging of administrative actions, including commands executed by the root user or using sudo. Learn how to set up accounting and auditing.
PCI DSS Linux: No write access to shared system binaries
PCI compliance demands that no write access is allowed to shared system binaries. Let's use several tools to determine if write access is allowed.
PCI DSS (v3) for Linux: Auditing application processes (A.1.2.a)
PCI DSS compliance requires you to verify if no application processes are running as root. We audit these application processes and check the status of each.
PCI DSS (v3) Linux: Restrict log file viewing (A.1.2.d)
Linux users who want to compliant with PCI DSS have to restrict log file viewing to only the owner. Learn how to achieve this.
Linux server security: Three steps to secure each system
Article about Linux server security and guidance for securing your Linux systems. Focus on auditing, hardening and compliance, to improve security defenses.