Buster <storyp...@gmail.com> writes: > He is the former head of our IT department, is a Windows guy, and > dislikes and distrusts anything Linux. His specific concern is > security. Namely, he is worried someone can hack into our system and > steal patron information. He is also concerned about mal-ware in > general and wants us to install antivirus software on it.
This is a FAQ. Google ought to help. Actually, there are some antivirus software for linux. < ;-P > clamav amavis < / :-P > On a serious note - these are virus filters for mail servers -- Linux does not require antivirus software. Period. If an IT guy says that it does, he does not deserve to be in IT. > So I guess my questions are, how do I answer the patron information > concern, and how do I answer the malware concern? How do the rest of > you handle Linux security concerns? What antivirus software do you > use and from whence do you get it? Yes - you may need to protect the software against SQL injection attacks. You need firewalls. You need security hardening. Hmmm... I had asked a question on this topic couple of days back - "what do you guys do to harden your systems?" > Please explain it to me in a way even a Windows guy with zero > understanding of Linux will understand it. Some guys will never get it. Do drop the idea of convincing him. Such people have pre-conceived notions; and no way you can change that. What you can stress on is, (a) freedom - ability to stay unfettered. If things go wrong with one service provider, you are not restricted in your choice of alternate service providers (if in-house staff is incompetent, you can always go for outside service providers; if provider XYZ Ltd is incompetent, you can choose between ABC Ltd., CDE., inc., or Mr/Ms. Joe|jane Skoder. (b) control - by the library as the user here. You guys need to be in control of the data. HW gets obsolete every few years - and s/w needs to keep pace. Other platforms will not give you (i) a clean and hiccup free transition path, (ii) the freedom to look at alternate solutions a few years down the line. Also, no chain is stronger than its weakest link. And you are going to install Koha into a VM within Windows. I doubt that unless you drop that VM idea, things will be more secure and stable, IMHO. -- Mahesh T. Pai || With freedom comes responsibility. Do not use unauthorised copies of copyrighted material. _______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz http://lists.katipo.co.nz/mailman/listinfo/koha