by Chris Magill on January 25, 2017
I recently participated in a customer security review to give an overview of Smartsheet's security architecture and how we utilize Security Enhanced (or SE) Linux. "SELinux in Enforcing mode is definitely secure," the customer responded, "... provided you were actually able to get it to work."
The customer’s skepticism was understandable… in fact, I’ve heard this same reaction many times over. When I review Smartsheet’s security architecture with customers, one of the main topics that I discuss is the fact that our application is built on Security Enhanced Linux operating in Enforcing mode. In Information Security circles, it’s a well-known secure operating system.
So Why the Skepticism?
However, SELinux is also notoriously difficult to manage.
Things that would be simple in a normal operating system, like copying a file or starting a service, require explicit permission. Nearly every action triggers some form of alert which must be investigated and a new configuration rule implemented. When I asked our Security Operations Team what the most important thing was to keeping SELinux in Enforcing mode running effectively, their response was immediate: “Patience.” Getting the service to function securely at scale takes around 400,000 lines of configuration code and a Swiss watchmaker’s level of attention to detail. Many organizations that have tried to deploy SELinux ultimately give up and turn it off.
SELinux was originally developed by the National Security Agency as a way to implement Mandatory Access Control. That means every action and object has to have an approved context. If something attempts to run outside of that expected context, the operating system blocks the action and sends an alert to our Security Operations Center for investigation. Malware, intrusion, and unauthorized actions by a malicious insider can all be detected and blocked before an adversary can gain a foothold in the environment.
So Why Go Through the Trouble?
Effective security isn’t easy. It takes a deep understanding of how your service functions to keep things running smoothly.
The reward, however, is a robust, secure infrastructure which blocks malware and intrusion effectively without depending on traditional malware signatures or heuristics. Modern Information Security demands layered defenses managed by a skilled Security Operations team to be successful. In addition to SELinux in Enforcing mode, Smartsheet deploys a broad range of security controls including state-of-the-art application firewalls, Distributed Denial-of-Service (DDoS) mitigation capabilities, vulnerability detection, network segmentation and strong encryption of customer data in transit and at rest.
Smartsheet was truly built with protection of your critical data in mind so you can rest at ease and focus on developing workflows that let you Work Better. Learn more about our security practices here.
Source: Smartsheet Blog