this is something that I've been pondering for a while.

at pretty much every job I've been at, we've had Linux servers that we ssh into.

these linux servers have customer data on them, builds, code, business critical shit.

if I were a malicious individual, I could easily just rm -rf important files, scp important customer data out to my home computer, or use dropbox to sync some critical business data into the cloud... or casually peruse customer data and take advantage of it. and there would be no evidence that I did anything at all.

obviously, it's not possible to handle this from the networking side. SSH is encrypted, and any network level scans would just see a bunch of bits flowing between the server and me.

is there some solution to prevent this kind of linux data leak from happening? is it normal in companies for anyone to be able to just log on to servers, do whatever they want, without any kind of auditing or recording or tracking whatsoever?

I'm curious, with data leaks like the ashley madison one... did they ever find the perpetrator? does anyone even care about securing data....?

what does your company do to prevent data leaks?
There isn't a totally bullet/fool-proof way, but it boils down to aggressively locking down computing functions to match closely the job functions expected to be performed by every employee. This requires a thorough understanding of said job functions. For example, why do engineers need to ssh to production machines? If the answer is "to tail logs", then a facility needs to be created that allows the tailing of logs and nothing else. This can be done either by locking down authorized_keys, using restricted shells, or introducing centralized logging (logstash, kibana, ...).

Access to outside SSH is a big no-no. Access to outside file sharing (DropBox et al) is a liability unless explicitly required for performing job functions.

I've worked with a brilliant security mind (no irony here) who wanted to go as far as providing employees with remote desktop environments only, which were to run in a fully controlled environment. This removes attack vectors such as USB drives, computer theft, and so on. The proposal never flew, but the idea has merit and is thought-provoking in its own right.
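The "tail logs and nothing else" facility described in the reply above can be built with an authorized_keys forced command, as in this added example (not code from the thread). The wrapper script, its path /usr/local/bin/tail-only, the syslog tag and the allow-listed log paths are all assumptions; sshd itself supplies SSH_ORIGINAL_COMMAND and SSH_CONNECTION.

```shell
#!/bin/sh
# Forced-command wrapper for an SSH key that may only tail approved logs.
# Install by prefixing the key in ~/.ssh/authorized_keys (one line):
#   command="/usr/local/bin/tail-only",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-ed25519 AAAA... tail-only@ops
# sshd then ignores the client's requested command and runs this script,
# exposing the request only as $SSH_ORIGINAL_COMMAND. Every decision is logged.

set -f   # never glob-expand anything taken from the request

# Assumed allow-list of readable logs; adjust per host.
ALLOWED_LOGS="/var/log/app/app.log /var/log/nginx/access.log /var/log/nginx/error.log"

# check_cmd "<request>": accept only "tail [-f] [-n N] <allow-listed file>".
# Returns 0 to allow, 1 to deny, and leaves follow/lines/file set for exec.
check_cmd() {
    set -- $1                   # word-split the request into positional args
    [ "$1" = "tail" ] || return 1
    shift
    follow=""; lines="10"; file=""
    while [ $# -gt 0 ]; do
        case "$1" in
            -f) follow="-f" ;;
            -n) [ $# -ge 2 ] || return 1; shift
                case "$1" in ''|*[!0-9]*) return 1 ;; esac   # digits only
                lines="$1" ;;
            /*) [ -z "$file" ] || return 1; file="$1" ;;    # one absolute path
            *)  return 1 ;;      # any other flag, ';', '|', '$', '`' etc. is denied
        esac
        shift
    done
    [ -n "$file" ] || return 1
    for allowed in $ALLOWED_LOGS; do
        [ "$file" = "$allowed" ] && return 0
    done
    return 1                    # path not on the allow-list
}

# Only act when sshd invoked us; an empty request (interactive login) is denied.
if [ -n "${SSH_CONNECTION:-}" ]; then
    req="${SSH_ORIGINAL_COMMAND:-}"
    if check_cmd "$req"; then
        logger -t tail-only "ALLOW user=${USER:-?} from=$SSH_CONNECTION cmd=$req"
        exec tail $follow -n "$lines" "$file"   # no shell re-parses the request
    fi
    logger -t tail-only "DENY user=${USER:-?} from=$SSH_CONNECTION cmd=$req"
    echo "only 'tail [-f] [-n N] <approved log>' is permitted" >&2
    exit 1
fi
```

The DENY lines in syslog are the audit trail the original question asks about; ship them off-host so a user cannot erase their own record.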