Regardless of whether you're running Linux, Windows, or whatever else, the reasons for security breaches are usually the same. They could be security bugs in the operating system or security bugs in an application that's running on that operating system. Often, a bug-related security breach could have been prevented had the administrators applied security updates in a timely manner.
Another big issue is poorly configured servers. A standard, out-of-the-box configuration of a Linux server is actually quite insecure and can cause a whole ton of problems. One cause of poorly configured servers is simply the lack of properly trained personnel to securely administer Linux servers. (Of course, that's great news for the readers of this book, because—trust me—there's no lack of well-paying IT security jobs.)
And now, in addition to Linux on servers and desktops, we now have Linux on devices that are part of the Internet of Things (IoT). There have been many security problems with these devices, in large part because people just don't know how to configure them securely.
As we journey through this book, we'll see how to do business the right way, to make our servers as secure as possible.
