Most companies I’ve worked at where employees had a Microsoft work computers. They were under heavy control, even with admin privileges. I was wondering, for a corporate environment, how employees’Linux desktops could be kept under control in a similar way. What would be an open source or Linux based alternative to the following:
- policy control
- Software Center with software allow lists
- controlled OS updates
- zscaler
- software detection tool to detect what’s been installed and determine if any unallowed software is present
- antivirus
- VPN
I can think of a few things, like a company having it’s own software repos, or using an atomic distribution. There’s already open source VPN solutions if course. But for everything else I don’t really know what could be used or what setup we could have.
I meant that if a company wants to maintain the highest levels of security, the user should never be given access to sudo. If a certain workflow requires sudo, the workflow needs to be changed, or it needs to be done in a sanitized environment, or the user needs to be highly trusted.