We have had special guests at Zentyal HQ during the first weeks of the year. A few staff members of the Malawi Defence Force (MDF) visited us to take a training course, focused especially on security and how to optimize Zentyal server configuration to guarantee security in institutional environments. The course was jointly delivered by Zentyal and ACS Labs, UK-based IT support and service provider specialized in information security and Zentyal Partner.

Mussa Khonje, Computer Security Director at ACS Labs, UK, Nathan Soko and Duncain Taipi, respectively IT Officer and Director of Communications of Malawi Defence Force explained us why Zentyal software responds successfully to the main challenges regarding information security.

Zentyal: What would you say are the typical IT needs and challenges in defence force environments?

ACS Labs: The need to protect the banks, for example, is internationally recognized. When the armed conflict between Russia and Georgia took place in 2008, one of its effects was that people in Georgia could not draw money from banks. Since then organizations such as United Nations or NATO have implemented more rules to safeguard information security and how to tackle cyber operations. This is a new threat that is growing and changing all the time so there is a need to invest in this and it is also the direction the defence forces are taking.

MDF: Defence forces are not anymore all about armed defense, we believe that one must also be prepared for software attacks, to mitigate these attacks and to secure information. If your IT systems are being attacked or hacked, you should be able to make sure these systems can not be easily penetrated, that you are able to keep the information safe and secure the correct functioning of the government.

Zentyal: What are the benefits of Zentyal in comparison to other solutions?

ACS Labs: Zentyal’s position is unique because it is a one platform with so many solutions. It is a well-tested system, with constant security updates and also very flexible to changes on technology. With other solutions you find a big gap: you need to download the software updates and implement them to the machines, what takes a week or more, and during this time the hackers can attack your system. Zentyal offers customers fast and automatic updates.

MDF: Zentyal includes many services that in other software solutions come in different packages. Moreover, Zentyal integrates these services in all-in-one solution and it is very easy-to-use, just by clicking. We believe it is a powerful software that helps to control many security issues.

Zentyal: So, we heard that during the course you were simulating attacks to different machines in order to test their vulnerability. What were the results?

MDF: Yes, we were going into Zentyal software and other software products to test how difficult is to penetrate them. It took us five minutes to go into the proprietary product. Zentyal instead resisted the attack even though we know Zentyal rather well. When you configure it properly, it mitigates completely the attack.

ACS Labs: In the Zentyal Summit of 2012 ACS Labs tested and presented the findings we knew about the strength of Zentyal. It is intelligent to use Zentyal because it is secure by default. If you configure Zentyal very well and you have great security policy, you will always keep your infrastructure protected.

Zentyal: What would you highlight from the course?

MDF: The teacher, Mateo Burillo, went far much deeper than we expected. We believe you Zentyal guys have chosen someone who has deep knowledge about what we were interested in.

A post by Marta Cambronero