Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

National Cyber Security Centre publish Ubuntu 18.04 LTS Security Guide

This article was last updated 5 years ago.


Last week the NCSC (National Cyber Security Centre) in the UK issued their latest publication which gives advice on how to configure Ubuntu 18.04 LTS in accordance with their security best practices.

The National Cyber Security Centre (NCSC)is the UK government department responsible for providing guidance on Information Security to the UK public and private sectors as well as responding to online security incidents and securing networks.

They have published many advisories on topics such as Multi Factor authentication for online services, security reviews of Google’s G Suite and Microsoft’s Office 365 as well as Bring Your Own Device (BYOD) policy.

EUD Security Principles

The “End User Device” (EUD) Security Collection provides “guidance for organisations deploying a range of end user device platforms as part of a remote working solution” but many of the documents are equally applicable to more general enterprise and home use.  There is a wealth of information and best practice guidance which can help you stay secure online. The EUD documents are based around a number of Security Principles which include:

  • Data-in-transit protection – how to keep your data secret while being transmitted over the internet
  • Data-at-rest protection – keeping your files safe on the computer itself
  • Authentication – making sure you are who you say you are
  • Secure Boot – Establishing trust the the operating systems boot process hasn’t been tampered with
  • Platform integrity and application sandboxing – keeping you safe from malware
  • Application whitelisting – restricting software to a specific known list

Securing Ubuntu 18.04 LTS

The latest publication from NCSC gives advice on how to configure Ubuntu 18.04 LTS Desktop to meet the 12 EUD principles with specific worked examples.  The document gives advice and instructions on, among other things:

  • Configuring remote access via VPN
  • Enforcing a strong password policy
  • Configuring UEFI for maximum protection
  • Enabling Livepatch for kernel updates without rebooting
  • Preventing execution of binary files from the home partition
  • Enabling and configuring firewalling
  • Auditing

Ubuntu has been built on a foundation of enterprise-grade, industry leading security practices. From our toolchain to the suite of packages we use and from our update process to our industry standard certifications, Canonical never stops working to keep Ubuntu at the forefront of safety and reliability.

When combined with NCSC’s guidance and instructions you can can be assured of a reliable set up to allow you to work safely and securely from a portable computer while online.

You can view the whole publication from NCSC here:

https://www.ncsc.gov.uk/collection/end-user-device-security/platform-specific-guidance/ubuntu-18-04-lts

You can read more about Ubuntu’s security practices here: https://www.ubuntu.com/security

Ubuntu desktop

Learn how the Ubuntu desktop operating system powers millions of PCs and laptops around the world.

Newsletter signup

Get the latest Ubuntu news and updates in your inbox.

By submitting this form, I confirm that I have read and agree to Canonical's Privacy Policy.

Related posts

Securing open source through CVE prioritisation

According to a recent study, 96% of applications in the enterprise market use open-source software. As the open source landscape becomes more and more...

Needrestart local privilege escalation vulnerability fixes available

Qualys discovered vulnerabilities which allow a local attacker to gain root privileges in the needrestart package (CVE-2024-48990, CVE-2024-48991,...

Canonical announces the first MicroCloud LTS release 

Canonical announces the first MicroCloud LTS release. MicroCloud 2.1.0 LTS features support for single-node deployments, improved security posture, and more...