Home > Configuration, Debian, Linux, OpenERP v6.0, Security, Ubuntu > Server security in OpenERP

Server security in OpenERP

CD cover for Debian GNU/Linux version 4, code ...

Image via Wikipedia

Sooner or later you have to address security in your OpenERP installation. For many reasons, the sooner you do that the better it is. The later you address security in OpenERP, the more money you lose (in those cases you start working on security after you had the problem, which means you are losing money).

What is the cost of not taking care of security? When you have security problems, your company is stopped (employees can not print invoices, customers can not place their sales orders, sales reps can not make their calls, you can not procure your supplies, and the list goes on and on). So put a number to those days. That is the value of security.

How do you start? The first thing to keep in mind is your server.  No matter what the application you are running in your server, whether it is a website or OpenERP, you have to secure the server. Most of the people I met run their OpenERP systems in Debian and Ubuntu (two popular Linux distributions). Some people do so in their own servers, some people host their systems in a VPS (such as Linode). Either way, again, you have to secure your server.

I will concentrate on Debian and Ubuntu (otherwise this is going to be a very long post). I will not cover Windows and will not get into the OpenERP security system. I will leave that for later. This is not a Linux security course, this post is intended to give you pointers to places where you can start working on the security of your system. Also, this does not cover Postgresql security.

First thing you have to do is to secure your server against intrusion. If your server is connected to the internet, your server is a target. Plain and simple as that.  How do you get started? This is a link to a great introduction on Linux security:

http://www.tldp.org/HOWTO/Security-Quickstart-HOWTO/

If you are using a Debian or Ubuntu distribution, you should read the Securing Debian Manual. And if you are running Ubuntu, don’t forget to check the Ubuntu Security Documentation (you should complement it with the Debian security manual).

Those are some pointers to places where you can get information on how to get started on securing your Linux server. Securing it against intrusion is extremely important, and should be one of your first items in your agenda. Again, if your server is connected to the Internet, your server is a target. And most of us can not afford to stop operations because our server was attacked by hackers.

Cheers!

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: