Behind The Numbers: Linux Gets High Marks For Security

The IT world may be an insecure place, but don't blame Linux. In fact, very few IT pros participating in InformationWeek Research's Linux and open-source survey say Linux has introduced security problems into their IT environments.

Only 6% of 225 user sites report security issues from Linux deployments on their servers, while 6% of 165 Linux PC users attribute a security problem to the open-source operating system. The results indicate a slight decrease in complaints about Linux security from a year ago, when 11% of IT pros encountered security issues with Linux servers and 7% had problems with Linux PCs.

The exact reason for the IT community's comfort with Linux is unclear. Some attribute this to the efforts of the large developer community supporting Linux, while others point out that Linux and its predecessor, Unix, were built from the start with security in mind.

Either way, large companies, or those with $1 billion or more in annual revenue, are more likely to encounter Linux security problems on their PCs and servers than their smaller counterparts. Fourteen percent have found this to be the case with their PCs, while 13% have run into problems on the server side. A negligible percentage of small and midsize businesses experienced Linux-related security issues.

More than half of the 242 sites in the InformationWeek Research Linux and open-source survey using or planning to deploy Linux rely solely on in-house staff to provide development and support expertise, while only 4% depend exclusively on a third-party partner. Twenty percent use a combination of in-house and third-party resources, while 19% are training their staff on Linux.What's your company's perception of Linux security? To help improve the security of your IT operations, take our short and confidential global information security survey.

Larry Greenemeier
Senior Editor
([email protected])

Deployment Threats

Has your company encountered security issues in its deployment of Linux on its servers or PCs?Security problems attributed to Linux on servers and PCs are rare occurrences. So what's most troubling to companies using the operating system? Compatibility with existing software, lack of technical knowledge, hardware-support problems, and issues stemming from multiple Linux versions top the complaint list.

Reported Incidents

Has your company's deployment of Linux on its servers or PCs resulted in security issues?Large companies might be experiencing a higher rate of security incidents attributed to their adoption of Linux on servers or PCs, but a recent Forrester Research study indicates that larger U.S. companies are committed to its implementation. More than half of 140 large businesses surveyed by the research company use Linux to run mission-critical applications. For new applications, 52% of sites chose Linux.

Fast Fixes

Has your company encountered security issues deploying Linux on its servers or PCs?One thing appears to be working in favor of Linux adoption: the speedy availability of software patches and bug fixes, essential components when adversity strikes. Two in five of 246 sites using Linux on servers report that fast access to patches and fixes is prompting them to speed up their adoption of Linux, while fast access is driving 44% of 155 sites deploying Linux on PCs to move to the operating system faster.

Help Wanted

On whom does your company depend for Linux development and support expertise?It's no wonder companies are relying on third-party expertise or training to get the Linux knowledge they need. IT workers might have the support expertise, but they lack Linux certification. While a third of 6,100 IT staff members in InformationWeek Research's 2005 National IT Salary Survey study report having Linux support skills, only 2% are certified in Linux Professional Institute Certification Level 1, 2, or 3.